JVN Info.

Id
51653  
Name
JVNDB-2007-000316  
Title
Apple Mac OS X の writeconfig ユーティリティにおける権限昇格の脆弱性  
Summary
Apple Mac OS X のシステム構成で使用されるユーティリティ writeconfig には、launchctl ユーティリティを起動する際に適切に PATH 環境変数を整備しないために、権限昇格の脆弱性が存在します。  
Nvdinfo
CVE-2007-0022  
Cvssv2
7.2  
Jvnurl
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000316.html  
Published Date
2007-01-22  
Registered Date
2007-05-18  
Last Updated Date
2007-05-18  

Actions

Related Nessuslogs

Id Log ID Jvninfo Id Plugin ID CVE CVSS Risk Host Protocol Port Name Synopsis Description Solution See Also Plugin Output Actions
51598 H28_MUN_DWEB_Q4_172_16_240_seg.csv 51653 89678 CVE-2009-4536 9.3 High 172.16.240.115 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Linux Kernel in the do_anonymous_page() function due to improper separation of the stack and the heap. An attacker can exploit this to execute arbitrary code. (CVE-2010-2240) - A packet filter bypass exists in the Linux Kernel e1000 driver due to processing trailing payload data as a complete frame. A remote attacker can exploit this to bypass packet filters via a large packet with a crafted payload. (CVE-2009-4536) - A use-after-free error exists in the Linux Kernel when IPV6_RECVPKTINFO is set on a listening socket. A remote attacker can exploit this, via a SYN packet while the socket is in a listening (TCP_LISTEN) state, to cause a kernel panic, resulting in a denial of service condition. (CVE-2010-1188) - An array index error exists in the Linux Kernel in the gdth_read_event() function. A local attacker can exploit this, via a negative event index in an IOCTL request, to cause a denial of service condition. (CVE-2009-3080) - A race condition exists in the VMware Host Guest File System (HGFS) that allows guest operating system users to gain privileges by mounting a filesystem on top of an arbitrary directory. (CVE-2011-1787) - A flaw exists in the VMware Host Guest File System (HGFS) that allows a Solaris or FreeBSD guest operating system user to modify arbitrary guest operating system files. (CVE-2011-2145) - A flaw exists in the VMware Host Guest File System (HGFS) that allows guest operating system users to disclose host operating system files and directories. (CVE-2011-2146) - A flaw exists in the bundled Tom Sawyer GET Extension Factory that allows a remote attacker to cause a denial of service condition or the execution of arbitrary code via a crafted HTML document. (CVE-2011-2217) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0 / 4.1 or ESXi version 3.5 / 4.0 / 4.1 / 5.0. https://www.vmware.com/security/advisories/VMSA-2011-0009 http://lists.vmware.com/pipermail/security-announce/2011/000158.html Version : ESX 4.0 Installed build : 208167 Fixed build : 392990
51873 H28_MUN_DWEB_Q4_172_16_240_seg.csv 51653 89740 CVE-2009-4536 10 Critical 172.16.240.115 tcp 443 VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - libpng - VMnc Codec - vmrun - VMware Remote Console (VMrc) - VMware Tools - vmware-authd Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0 or ESXi version 3.5 / 4.0. https://www.vmware.com/security/advisories/VMSA-2010-0009 http://lists.vmware.com/pipermail/security-announce/2010/000099.html Version : ESX 4.0 Installed build : 208167 Fixed build : 256968
57179 H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv 51653 89678 CVE-2009-4536 9.3 High 172.16.240.115 tcp 443 VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Linux Kernel in the do_anonymous_page() function due to improper separation of the stack and the heap. An attacker can exploit this to execute arbitrary code. (CVE-2010-2240) - A packet filter bypass exists in the Linux Kernel e1000 driver due to processing trailing payload data as a complete frame. A remote attacker can exploit this to bypass packet filters via a large packet with a crafted payload. (CVE-2009-4536) - A use-after-free error exists in the Linux Kernel when IPV6_RECVPKTINFO is set on a listening socket. A remote attacker can exploit this, via a SYN packet while the socket is in a listening (TCP_LISTEN) state, to cause a kernel panic, resulting in a denial of service condition. (CVE-2010-1188) - An array index error exists in the Linux Kernel in the gdth_read_event() function. A local attacker can exploit this, via a negative event index in an IOCTL request, to cause a denial of service condition. (CVE-2009-3080) - A race condition exists in the VMware Host Guest File System (HGFS) that allows guest operating system users to gain privileges by mounting a filesystem on top of an arbitrary directory. (CVE-2011-1787) - A flaw exists in the VMware Host Guest File System (HGFS) that allows a Solaris or FreeBSD guest operating system user to modify arbitrary guest operating system files. (CVE-2011-2145) - A flaw exists in the VMware Host Guest File System (HGFS) that allows guest operating system users to disclose host operating system files and directories. (CVE-2011-2146) - A flaw exists in the bundled Tom Sawyer GET Extension Factory that allows a remote attacker to cause a denial of service condition or the execution of arbitrary code via a crafted HTML document. (CVE-2011-2217) Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0 / 4.1 or ESXi version 3.5 / 4.0 / 4.1 / 5.0. https://www.vmware.com/security/advisories/VMSA-2011-0009 http://lists.vmware.com/pipermail/security-announce/2011/000158.html Version : ESX 4.0 Installed build : 208167 Fixed build : 392990
57454 H28_DWEB_NW_Scan_Q1_172_16_240_Seg_20160518_hepxqa.csv 51653 89740 CVE-2009-4536 10 Critical 172.16.240.115 tcp 443 VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check) The remote VMware ESX / ESXi host is missing a security-related patch. The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries : - libpng - VMnc Codec - vmrun - VMware Remote Console (VMrc) - VMware Tools - vmware-authd Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0 or ESXi version 3.5 / 4.0. https://www.vmware.com/security/advisories/VMSA-2010-0009 http://lists.vmware.com/pipermail/security-announce/2010/000099.html Version : ESX 4.0 Installed build : 208167 Fixed build : 256968