VMwareESX Multiple Code Execution Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in VMware ESX, which could be exploited by remote attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by errors in DHCP, Service Console kernel, and JRE.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- VMware ESX version 3.5
- VMware ESX version 3.0.3
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Apply patches for VMware ESX version 3.5 (ESX350-200910406-SG, ESX350-200910401-SG and ESX350-200910403-SG) :
http://download3.vmware.com/software/vi/ESX350-200910406-SG.zip
http://download3.vmware.com/software/vi/ESX350-200910401-SG.zip
http://download3.vmware.com/software/vi/ESX350-200910403-SG.zipApply patch for VMware ESX version 3.0.3 (ESX303-200910402-SG) :
http://download3.vmware.com/software/vi/ESX303-200910402-SG.zip
Vulnerability Identifier
- CVE-2007-6063
- CVE-2008-0598
- CVE-2008-2086
- CVE-2008-2136
- CVE-2008-2812
- CVE-2008-3275
- CVE-2008-5343
- CVE-2008-5344
- CVE-2008-5345
- CVE-2008-5346
- CVE-2008-5347
- CVE-2008-5348
- CVE-2008-5349
- CVE-2008-5350
- CVE-2008-5351
- CVE-2008-5352
- CVE-2008-5353
- CVE-2008-5354
- CVE-2008-5355
- CVE-2008-5356
- CVE-2008-5357
- CVE-2008-5358
- CVE-2008-5359
- CVE-2008-5360
- CVE-2009-0692
- CVE-2009-1093
- CVE-2009-1094
- CVE-2009-1095
- CVE-2009-1096
- CVE-2009-1097
- CVE-2009-1098
- CVE-2009-1099
- CVE-2009-1100
- CVE-2009-1101
- CVE-2009-1102
- CVE-2009-1103
- CVE-2009-1104
- CVE-2009-1105
- CVE-2009-1106
- CVE-2009-1107
- CVE-2009-1893
Source
Related Link
Share with