VMware Products Code Execution and Security Bypass Vulnerabilities
Last Update Date:
16 Feb 2011
Release Date:
14 Feb 2011
6526
Views
RISK: High Risk
TYPE: Operating Systems - VM Ware
Multiple vulnerabilities have been identified in various VMware products, which could be exploited by attackers or malicious users to bypass security restrictions, gain knowledge of certain information, cause a denial of service or execute arbitrary code. These issues are caused by errors in Tomcat, cURL, COS Kernel, MS SQL Express, OpenSSL, JRE and pam_krb5.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- VMware vCenter Server versions 4.x
- VMware vCenter Update Manager versions 4.x
- VMware vCenter Update Manager versions 1.x
- VMware ESXi versions 4.x
- VMware ESX versions 4.x
- VMware VirtualCenter versions 2.x
- VMware VirtualCenter versions 2.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- VMware vCenter Server 4.1 - Apply Update 1
- VMware vCenter Update Manager 4.1 - Apply Update 1
- VMware ESXi 4.1 - Apply patch ESXi410-201101201-SG
- VMware ESX 4.1 - Apply patch ESX410-201101201-SG
Vulnerability Identifier
- CVE-2008-0085
- CVE-2008-0086
- CVE-2008-0106
- CVE-2008-0107
- CVE-2008-3825
- CVE-2008-5416
- CVE-2009-1384
- CVE-2009-2693
- CVE-2009-2901
- CVE-2009-2902
- CVE-2009-3548
- CVE-2009-3555
- CVE-2009-4308
- CVE-2010-0003
- CVE-2010-0007
- CVE-2010-0008
- CVE-2010-0082
- CVE-2010-0084
- CVE-2010-0085
- CVE-2010-0087
- CVE-2010-0088
- CVE-2010-0089
- CVE-2010-0090
- CVE-2010-0091
- CVE-2010-0092
- CVE-2010-0093
- CVE-2010-0094
- CVE-2010-0095
- CVE-2010-0291
- CVE-2010-0307
- CVE-2010-0410
- CVE-2010-0415
- CVE-2010-0433
- CVE-2010-0437
- CVE-2010-0622
- CVE-2010-0730
- CVE-2010-0734
- CVE-2010-0740
- CVE-2010-0837
- CVE-2010-0838
- CVE-2010-0839
- CVE-2010-0840
- CVE-2010-0841
- CVE-2010-0842
- CVE-2010-0843
- CVE-2010-0844
- CVE-2010-0845
- CVE-2010-0846
- CVE-2010-0847
- CVE-2010-0848
- CVE-2010-0849
- CVE-2010-0850
- CVE-2010-0886
- CVE-2010-1084
- CVE-2010-1085
- CVE-2010-1086
- CVE-2010-1087
- CVE-2010-1088
- CVE-2010-1157
- CVE-2010-1173
- CVE-2010-1187
- CVE-2010-1321
- CVE-2010-1436
- CVE-2010-1437
- CVE-2010-1641
- CVE-2010-2066
- CVE-2010-2070
- CVE-2010-2226
- CVE-2010-2227
- CVE-2010-2248
- CVE-2010-2521
- CVE-2010-2524
- CVE-2010-2928
- CVE-2010-2939
- CVE-2010-3081
- CVE-2010-3541
- CVE-2010-3548
- CVE-2010-3549
- CVE-2010-3550
- CVE-2010-3551
- CVE-2010-3553
- CVE-2010-3554
- CVE-2010-3556
- CVE-2010-3557
- CVE-2010-3559
- CVE-2010-3561
- CVE-2010-3562
- CVE-2010-3565
- CVE-2010-3566
- CVE-2010-3567
- CVE-2010-3568
- CVE-2010-3569
- CVE-2010-3571
- CVE-2010-3572
- CVE-2010-3573
- CVE-2010-3574
- CVE-2010-3864
Source
Related Link
Share with