Tripwire, the popular security company focused on host intrusion detection (subcategory: file integrity checkers), just released a tool called ConfigCheck.
The application, released free of charge, runs on Windows only; it connects remotely to ESX hosts and verifies their configuration against a specific security guideline that VMware developed.
Obviously Tripwire also has an enterprise version of this tool, which has been sold through BMC since March.
Additionally, Tripwire offers a document that guides administrators in correcting the configuration mistakes.