logo
DATABASE RESOURCES PRICING ABOUT US

VMSA-2012-0018: VMware security updates for vCSA and ESXi

Description

The remote ESXi is missing one or more security related Updates from VMSA-2012-0018. Summary VMware has updated vCenter Server Appliance (vCSA) and ESX to address multiple security vulnerabilities Relevant releases vCenter Server Appliance 5.1 prior to vCSA 5.1.0b vCenter Server Appliance 5.0 prior to vCSA 5.0 Update 2 VMware ESXi 5.1 without patch ESXi510-201212101 VMware ESXi 5.0 without patch ESXi500-201212101 Problem Description a. vCenter Server Appliance directory traversal The vCenter Server Appliance (vCSA) contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. b. vCenter Server Appliance arbitrary file download The vCenter Server Appliance (vCSA) contains an XML parsing vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. c. Update to ESX glibc package The ESX glibc package is updated to version glibc-2.5-81.el5_8.1 to resolve multiple security issues.


Related