ESX 2.5.5 patch 12 updates service console packag ed

a. Updated ESX patch updates Service Console package "ed"If the VMDK delta disk of a snapshot is corrupt, an ESX host might crash when the corrupted disk is loaded. VMDK delta files exist for virtual machines with one or more snapshots. This change ensures that a corrupt VMDK delta file cannot be used to crash ESX hosts. “ed” is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). A heap-based buffer overflow was discovered in the way “ed”, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the “ed” editor. The Common Vulnerabilities and Exposures project ( cve.mitre.org) has assigned the name CVE-2008-3916 to this issue. The following table lists what action remediates the vulnerability (column 4) if a solution is available.