14 matches found
VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check)
The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries : - bind - expat - glib2 - Kernel - newt - nfs-utils - NTP - OpenSSH - OpenSSL...
VMSA-2008-0015 : Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
a. Updated Openwsman Openwsman is a system management platform that implements the Web Services Management protocol WS-Management. It is installed and running by default. It is used in the VMware Management Service Console and in ESXi. The openwsman 2.0.0 management service on ESX 3.5 and ESXi 3....
VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel
a. Service Console update for COS kernel The service console package kernel is updated to version 2.4.21-63. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2008-5029, CVE-2008-5300, CVE-2009-1337, CVE-2009-1385, CVE-2009-1895, CVE-2009-2848, CVE-2009-300...
VMSA-2010-0010:ESX 3.5 third party update for Service Console kernel
VMSA-2010-0010 ESX 3.5 third party update for Service Console kernel VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0010 VMware Security Advisory Synopsis: ESX 3.5 third party update for Service Console kernel VMware Security Advisory Issue date: 2010-06-24 VMware Securi...
VMSA-2010-0005 VMware products address vulnerabilities in WebAccess
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2010-0005 Synopsis: VMware products address vulnerabilities in WebAccess Issue date: 2010-03-29 Updated on: 2010-03-29 initial releas...
VMSA-2008-00010 : Updated Tomcat and Java JRE packages for VMware, ESX 3.5 and VirtualCenter 2.5 (DEPRECATED)
Updated ESX patches and VirtualCenter update 2 fix the following application vulnerabilities. a. Tomcat Server Security Update This release of ESX updates the Tomcat Server package to version 5.5.26, which addresses multiple security issues that existed in earlier releases of Tomcat Server. The...
CVE-2008-4914
Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service host crash via a snapshot with a malformed VMDK delta disk...
VMware VirtualCenter目录遍历漏洞
BUGTRAQ ID: 32172 CVECAN ID: CVE-2008-4281 VirtualCenter是VMware的虚拟服务器管理系统。 VirtualCenter中的目录遍历漏洞可能允许拥有Datastore.FileManagement权限的管理员获得提升的权限。 VMWare ESX 3.5 VMWare ESXi 3.5 VMWare ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://download3.vmware.com/software/vi/ESXe350-200810401-O-UG.zip...
CVE-2008-4281
CVE-2008-4281 is a VMware directory-traversal vulnerability affecting ESXi 3.5 and ESX 3.5 (before patches ESXe350-200810401-O-UG and ESX350-200810201-UG). Exploitation requires a user with Datastore.FileManagement privileges; the attack vectors are not specified in the provided documents. VMware...
VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2008-0015 Synopsis: Updated ESXi and ESX 3.5 packages address critical security issue in openwsman Issue date: 2008-09-18 Updated on:...
VMSA-2008-0010:Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
VMSA-2008-0010.3 Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0010.3 VMware Security AdvisorySynopsis: Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter VMware Security...
CVE-2008-2097
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."...
Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
a. Updated pcre Service Console package addresses several security issuesThe pcre package contains the Perl-Compatible Regular Expression library. pcre is used by various Service Console utilities. Several security issues were discovered in the way PCRE handles regular expressions. If an...
VMSA-2008-0002:Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
VMSA-2008-0002.1 Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0002.1 VMware Security AdvisorySynopsis: Updated Tomcat and Java JRE packages for...