VMware ESX Server Multiple Security Updates - Secunia - 6/05/2008 - Chris Mosby at myITforum.com

Thursday, June 05, 2008 8:39 AM cmosby

VMware ESX Server Multiple Security Updates - Secunia - 6/05/2008

VMware ESX Server Multiple Security Updates

Secunia Advisory:
SA30535

Release Date:
2008-06-05

Critical:

Highly critical

Impact:
Exposure of sensitive information
DoS
System access

Where:
From remote

Solution Status:
Vendor Patch

OS:
VMware ESX Server 2.x
VMware ESX Server 3.x

CVE reference:
CVE-2006-1721 (Secunia mirror)
CVE-2007-4772 (Secunia mirror)
CVE-2007-5378 (Secunia mirror)
CVE-2008-0062 (Secunia mirror)
CVE-2008-0063 (Secunia mirror)
CVE-2008-0553 (Secunia mirror)
CVE-2008-0888 (Secunia mirror)
CVE-2008-0948 (Secunia mirror)

Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

For more information:
SA19618
SA26942
SA28359
SA28784
SA29415
SA29428

Solution:
Apply patches.

ESX 3.5 patch ESX350-200805504-SG:
http://download3.vmware.com/software/esx/ESX350-200805504-SG.zip

ESX 3.5 patch ESX350-200805506-SG:
http://download3.vmware.com/software/esx/ESX350-200805506-SG.zip

ESX 3.5 patch ESX350-200805505-SG:
http://download3.vmware.com/software/esx/ESX350-200805505-SG.zip

ESX 3.5 patch ESX350-200805507-SG:
http://download3.vmware.com/software/esx/ESX350-200805507-SG.zip

ESX 3.0.2 patch ESX-1004722:
http://download3.vmware.com/software/vi/ESX-1004722.tgz

ESX 3.0.2 patch ESX-1004724:
http://download3.vmware.com/software/vi/ESX-1004724.tgz

ESX 3.0.2 patch ESX-1004719:
http://download3.vmware.com/software/vi/ESX-1004719.tgz

ESX 3.0.2 patch ESX-1004219:
http://download3.vmware.com/software/vi/ESX-1004219.tgz

ESX 3.0.1 patch ESX-1004721:
http://download3.vmware.com/software/vi/ESX-1004721.tgz

ESX 3.0.1 patch ESX-1004723:
http://download3.vmware.com/software/vi/ESX-1004723.tgz

ESX 3.0.1 patch ESX-1004190:
http://download3.vmware.com/software/vi/ESX-1004190.tgz

ESX 3.0.1 patch ESX-1004189:
http://download3.vmware.com/software/vi/ESX-1004189.tgz

ESX 2.5.5 Upgrade Patch 8:
http://download3.vmware.com/software/esx/esx-2.5.5-90521-upgrade.tar.gz

ESX 2.5.4 Upgrade Patch 19:
http://download3.vmware.com/software/esx/esx-2.5.4-90520-upgrade.tar.gz

Original Advisory:
http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Other References:
SA19618:
http://secunia.com/advisories/19618/

SA26942:
http://secunia.com/advisories/26942/

SA28359:
http://secunia.com/advisories/28359/

SA28784:
http://secunia.com/advisories/28784/

SA29415:
http://secunia.com/advisories/29415/

SA29428:
http://secunia.com/advisories/29428/ Filed under: Patch Management, Security, Configuration Managment, Virtualization, Enterprise Applications, Software Vulnerabilites

Comments

No Comments