Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
VMSA-2014-0002: VMware vCenter updates to third party libraries
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
VMware vSphere updates to third party libraries.
Insight
Insight
a. DDoS vulnerability in NTP third party libraries The NTP daemon has a DDoS vulnerability in the handling of thE 'monlist' command. An attacker may send a forged request to a vulnerable NTP server resulting in an amplified response to the intended target of the DDoS attack. b. Update to ESXi glibc package The ESXi glibc package is updated to version glibc-2.5-118.el5_10.2 to resolve a security issue. c. vCenter and Update Manager, Oracle JRE 1.7 Update 45 Oracle JRE is updated to version JRE 1.7 Update 45, which addresses multiple security issues that existed in earlier releases of Oracle JRE.
Affected Software
Affected Software
VMware vCenter Server 5.5 prior 5.5 Update 1.
Detection Method
Detection Method
Checks if a vulnerable build is present on the target host.
Solution
Solution
Apply the missing patch(es).