RootSSV:60646VMware vCenter, ESXi, ESX NFC协议内存破坏漏洞
0.001 Low
EPSS
Percentile
43.1%
BUGTRAQ ID: 58115
CVE(CAN) ID: CVE-2013-1659
VMware vCenter是VMware vSphere套件中一个强大的主机和虚拟机集中管理组件。VMware ESX Server是为适用于任何系统环境的企业级虚拟计算机软件。
VMware vCenter, ESXi, ESX NFC在处理NFC协议时存在安全漏洞,要利用此漏洞攻击者必须截获并修改vCenter Server与客户端或ESXi/ESX与客户端之间的NFC通讯。成功利用此漏洞可导致代码执行。
0
VMWare ESX 4.1
VMWare ESX 4.0
VMWare ESX 3.5
VMWare ESXi 5.0
VMWare ESXi 4.1
VMWare ESXi 4.0
VMWare ESXi 3.5
厂商补丁:
VMWare
VMWare已经为此发布了一个安全公告(VMSA-2013-0003)以及相应补丁:
VMSA-2013-0003:VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
链接:http://www.vmware.com/security/advisories/VMSA-2013-0003.html
补丁下载:
vCenter Server 5.1.0
Download link:
https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/5_1
Release Notes:
https://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-510b-release-notes.html
vCenter Server 5.0
Download link:
https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/5_0
Release Notes:
https://www.vmware.com/support/vsphere5/doc/vsp_vc50_u2_rel_notes.html
vCenter Server 4.0
Download link:
https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_0
Release Notes:
https://www.vmware.com/support/vsphere4/doc/vsp_vc40_u4b_rel_notes.html
VirtualCenter 2.5
Download link:
http://downloads.vmware.com/d/info/datacenter_downloads/vmware_infrastructure_3/3_5
Release Notes:
https://www.vmware.com/support/vi3/doc/vi3_vc25u6c_rel_notes.html
ESXi and ESX
https://www.vmware.com/patchmgr/download.portal
ESXi 5.1
File: ESXi510-201212001.zip
md5sum: 81d562c00942973f13520afac4868748
sha1sum: ec1ff6d3e3c9b127252ba1b710c74119f1164786
http://kb.vmware.com/kb/2035775
ESXi510-201212001 contains ESXi510-201212102-SG
ESXi 5.0
File: update-from-esxi5.0-5.0_update02.zip
md5sum: ab8f7f258932a39f7d3e7877787fd198
sha1sum: b65bacab4e38cf144e223cff4770501b5bd23334
http://kb.vmware.com/kb/2033751
update-from-esxi5.0-5.0_update02 contains ESXi500-201212102-SG
ESXi 4.1
File: ESXi410-201211001.zip
md5sum: f7da5cd52d3c314abc31fe7aef4e50d3
sha1sum: a4d2232723717d896ff3b0879b0bdb3db823c0a1
http://kb.vmware.com/kb/2036257
ESXi410-201211001 contains ESXi410-201211402-BG
ESXi 4.0
File: ESXi400-201302001.zip
md5sum: 8fca17ca97669dd1d34c34902e8e7ddf
sha1sum: 51d76922eb7116810622acdd611f3029237a5680
http://kb.vmware.com/kb/2041344
ESXi400-201302001 contains ESXi400-201302402-SG
ESXi 3.5
File: ESXe350-201302401-O-SG.zip
md5sum: a2c5f49bc865625b3796c41c202d1696
sha1sum: 12d25011d9940ea40d45f77a4e5bcc7e7b0c0cee
http://kb.vmware.com/kb/2042543
ESXe350-201302401-O-SG.zip contains ESXe350-201302401-I-SG and ESXe350-201302403-C-SG
ESX 4.1
File: ESX410-201211001.zip
md5sum: c167bccc388661e329fc494df13855c3
sha1sum: a8766b2eff68813a262d21a6a6ebeaae62e58c98
http://kb.vmware.com/kb/2036254
ESX410-201211001 contains ESX410-201211401-SG
ESX 4.0
File: ESX400-201302001.zip
md5sum: 5ca4276e97c19b832d778e17e5f4ba64
sha1sum: 8d73cf062d8b23bd23f9b85d23f97f2888e4612f
http://kb.vmware.com/kb/2041343
ESX400-201302001 contains ESX400-201302401-SG
ESX 3.5
File: ESX350-201302401-SG.zip
md5sum: e703cb0bc3e1eaa8932a96ea96f34a00
sha1sum: 91dcf1bf7194a289652d0904dd7af8bce0a1d2dd
http://kb.vmware.com/kb/2042541
Related
