VMware ESX Server Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 9 Jan 2008 5694 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in VMware ESX Server, which could be exploited by attackers to bypass security restrictions or execute arbitrary code.These issues are caused by errors in OpenPegasus, Samba, util-linux, Perl, and OpenSSL.

Impact

Denial of Service
Elevation of Privilege
Remote Code Execution

System / Technologies affected

VMware ESX Server 2.x
VMware ESX Server 3.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

ESX Server 3.x Patches:
http://www.vmware.com/download/vi/vi3_patches.html
ESX Server 2.x Patches:
http://www.vmware.com/download/esx/esx2_patches.html
ESX Server 2.5.5 Upgrade Patch 3:
http://download3.vmware.com/software/esx/esx-2.5.5-65742-upgrade.tar.gz
http://www.vmware.com/support/esx25/doc/esx-255-200712-patch.html
ESX Server 2.5.4 Upgrade Patch 14:
http://download3.vmware.com/software/esx/esx-2.5.4-65752-upgrade.tar.gz
http://www.vmware.com/support/esx25/doc/esx-254-200712-patch.html

Vulnerability Identifier

Source

Related Link

Share with

Microsoft Windows LSASS Bypass Vulnerability( 09 January 2008 )

9 Jan 2008 5478 Views

VMware ESX Server and VirtualCenter Multiple Vulnerabilities

9 Jan 2008 5586 Views