- Home
- CVEs with nessus.description==The remote VMware ESX host is missing a security-related patch. It is,
therefore, affected by multiple vulnerabilities :
- A flaw exists in sudo in file parse.c due to a failure
to properly interpret a system group (%group) in the
sudoers configuration file when handling authorization
decisions for users belonging to that group. A local
attacker can exploit this to gain root privileges via a
crafted sudo command. (CVE-2009-0034)
- A flaw exists in the redirect implementation in libcurl
that allows arbitrary Location values to be accepted
when CURLOPT_FOLLOWLOCATION is enabled. An attacker
with control of a remote HTTP server can exploit this,
via crafted redirect URLs, to trigger requests to
intranet servers, to read or write arbitrary files, or
to execute arbitrary commands. (CVE-2009-0037)
- A flaw exists in udev due to a failure to verify that a
NETLINK message originates from the kernel space. A
local attacker can exploit this, via a crafted NETLINK
message, to gain elevated privileges on the root file
system. (CVE-2009-1185)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top