MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.9 (AXSA:2023-6579:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6579:12 advisory. open-vm-tools: SAML token signature bypass CVE-2023-34058 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

MiracleLinux 8 : open-vm-tools-12.2.5-3.el8.1.ML.1 (AXSA:2024-7375:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7375:01 advisory. open-vm-tools: SAML token signature bypass CVE-2023-34058 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

MiracleLinux 9 : open-vm-tools-12.2.5-3.el9_3.2.ML.1 (AXSA:2024-7395:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7395:02 advisory. open-vm-tools: SAML token signature bypass CVE-2023-34058 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

TencentOS Server 4: open-vm-tools (TSSA-2024:0041)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0041 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 2: open-vm-tools (TSSA-2023:0276)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0276 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: open-vm-tools (TSSA-2023:0305)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0305 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0140: open-vm-tools (ALINUX3-SA-2023:0140)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-34058: VMware Tools contains a SA...

CVE-2023-34058 affecting package open-vm-tools for versions less than 11.3.0-3

CVE-2023-34058 affecting package open-vm-tools for versions less than 11.3.0-3. A patched version of the package is available...

CentOS: Security Advisory for open-vm-tools (CESA-2023:7279)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for open (SUSE-SU-2023:4227-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : open-vm-tools (RHSA-2023:7264)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7264 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualizati...

K000138114: open-vm-tools vulnerability CVE-2023-34058

Security Advisory Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https : //docs . vmware . com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtu...

CentOS 7 : open-vm-tools (RHSA-2023:7279)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7279 advisory. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...

Ubuntu: Security Advisory (USN-6463-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6463-2 open-vm-tools vulnerabilities

USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could...

Rocky Linux 8 : open-vm-tools (RLSA-2023:7265)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7265 advisory. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...

open-vm-tools security update

12.2.5-3.0.1.1 - Fix CVE-2023-34058 open-vm-tools: SAML token signature bypass - Fix CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

Oracle Linux 7 : open-vm-tools (ELSA-2023-7279)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7279 advisory. - Resolves: RHEL-14642 CVE-2023-34058 open-vm-tools: SAML token signature bypass rhel-7.9.z - Resolves: RHEL-14676 CVE-2023-34059 open-vm-tools: file...

open-vm-tools security update

11.0.5-3.0.1 - fix spaces in vmware udev rule for scsi devices Orabug: 24461968 - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. Orabug: 22815019 - Increase timeout for scsi devices on VMWare guests by adding a udev rule. - Created a new file 99-vmware-scsi-timeout.rules - Modified sp...

Important: Red Hat Security Advisory: open-vm-tools security update

An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...