Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3.
Insight
Insight
Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates for bind, pam, and rpm. a. Service Location Protocol daemon DoS This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). b. Service Console update for bind This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security issues. c. Service Console update for pam This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules. d. Service Console update for rpm, rpm-libs, rpm-python, and popt This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which resolves a security issue.
Affected Software
Affected Software
VMware ESXi 4.1 without patch ESXi410-201101201-SG. VMware ESXi 4.0 without patch ESXi400-201103401-SG. VMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG. VMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG.
Solution
Solution
Apply the missing patch(es).