CVE-2015-6277

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.21SV31.4, Nexus 3000 devices 7.30ZD0.47, Nexus 4000 devices 4.12E1, Nexus 9000 devices 7.30ZD0.61, and MDS 9000 devices 7.00HSK0.353 and SAN-OS NX-OS on MDS 9000 devices 7.00HSK0.353 allows remote attackers to cause...

CVE-2015-6277

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.21SV31.4, Nexus 3000 devices 7.30ZD0.47, Nexus 4000 devices 4.12E1, Nexus 9000 devices 7.30ZD0.61, and MDS 9000 devices 7.00HSK0.353 and SAN-OS NX-OS on MDS 9000 devices 7.00HSK0.353 allows remote attackers to cause...

CVE-2015-6277

Cisco NX-OS ARP handling vulnerability (CVE-2015-6277) affects multiple Cisco platforms: Nexus 1000V (VMware vSphere 5.2(1)SV3(1.4)), Nexus 3000, Nexus 4000, Nexus 9000, MDS 9000 and SAN-OS NX-OS on MDS 9000. Root cause is improper input/packet-header field validation in the ARP implementation, a...

CVE-2015-4323

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.30ZN0.9; Nexus 3000 devices 6.02U51.41, 7.03I20.373, and 7.30ZN0.83; Nexus 4000 devices 4.12E11b; Nexus 7000 devices 6.214S1; Nexus 9000 devices 7.30ZN0.9; and MDS 9000 devices 6.2 13 and 7.10ZN91.99 and MDS SAN-OS...

VMware ESX and ESXi Server SOAP Request Handling Denial Of Service - Ver2 (CVE-2012-5703)

A denial of service vulnerability exists in VMware ESX and ESXi server. The vulnerability is due to improper handling of certain SOAP requests in the vSphere API. A remote unauthenticated attacker could exploit this vulnerability by sending specially crafted messages to the affected server...

VMware vSphere Update Manager Java Vulnerability (VMSA-2015-0003)

The version of VMware vSphere Update Manager installed on the remote Windows host is 5.0 prior to Update 3d, 5.1 prior to Update 3a, 5.5 prior to Update 2e, or 6.0 prior to 6.0.0a. It is, therefore, affected by a vulnerability related to the bundled version of Oracle JRE prior to 1.7.076. A flaw...

Release Notes for Veeam Backup & Replication 8.0 Update 2b

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 8.0 Update 2b Cause Please confirm you are running version 8.0.0.807, 8.0.0.817, 8.0.0.831, 8.0.0.917, 8.0.0.201...

KLA10530 JRE update for multiple VMware products

Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...

Cisco Virtual TelePresence Server Serial Console Privileged Access Vulnerability

A vulnerability in Cisco Virtual TelePresence Server Software could allow an authenticated, local attacker to access the shell of the underlying operating system with the privilege level of the root user. The vulnerability is due to undocumented privileged access through the serial connection,...

CVE-2015-0660

Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123...

Design/Logic Flaw

Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123...

CVE-2015-0660

Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123...

VDDK error: 13 - Troubleshooting

Challenge Backup/Replication jobs fail with: VDDK error: 13.You do not have access rights to this file Solution Below is a list of possible solutions to this issue sorted by what transport mode was being used when this error occurred. Note: There are many causes for VDDK 13; this list is not...

VMware vSphere Data Protection Certificate Validation (VMSA-2015-0002)

The version of VMware vSphere Data Protection installed on the remote host is 5.1.x / 5.5.x prior to 5.5.9, or 5.8.x prior to 5.8.1. It is, therefore, affected by a certificate validation vulnerability that allows man-in-the-middle MitM attacks. C Tenable Network Security, Inc. include"compat.inc...

Some disks which were excluded in the source backup are included in the replication job settings

Challenge A Replication job utilizing the Replica from Backup feature to source data from a Backup job's restore points fails with the error: Some disks which were excluded in the source backup are included in the replication job settings Cause This error occurs when there are disks that were...

VMware vSphere Data Protection certificate validation bypass

Insufficient server certificate validation...

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0002 Synopsis: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. Issue date:...

VMware vSphere Data Protection Certificate Validation Security Bypass Vulnerability

VMWare is a "virtual PC" software that allows you to run two or more Windows, DOS, or Linux systems on a single machine at the same time. A validation security bypass vulnerability exists in the VMware vSphere data protection certificate, which can be exploited by an attacker to perform a...

Design/Logic Flaw

VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...

CVE-2014-4632

VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...