VMware ESX / ESXi Server Multiple Vulnerabilities

Last Update Date: 14 Oct 2011 11:53 Release Date: 14 Oct 2011 6455 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities have been identified in VMware ESX and ESXi Server, which can be exploited by malicious people to  disclose sensitive information, gain escalated privileges, conduct spoofing attacks, bypass certain security features, cause a Denial of Service and compromise a vulnerable system.

  1. Multiple vulnerabilities exist in the Service Console kernel.
  2. Multiple vulnerabilities exist in Kerberos (krb5-libs and krb5-workstation).
  3. Multiple vulnerabilities exist in the GNU C Library.
  4. Some errors in the mptsas, mpt2sas, and mptspi drivers can be exploited to corrupt memory.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Spoofing
  • Data Manipulation
  • LAN Based Remote Code Execution

System / Technologies affected

  • VMware ESX Server 3.x
  • VMware ESX Server 4.x
  • VMware ESX Server 5.x
  • VMware ESXi 4.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple Safari Multiple Vulnerabilities

13 Oct 2011 5724 Views

Next

Opera Browser SVG Data Processing Remote Code Execution Vulnerability

17 Oct 2011 5706 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY