|
VMware ESX Server update for Tomcat and Java JRE
|
|
Secunia Advisory:
|
SA30676
|
|
|
Release Date:
|
2008-06-17
|
|
Popularity:
|
3,871 views
|
|
|
Critical:
|
 Highly critical
|
|
Impact:
|
Security Bypass Manipulation of data Exposure of system information Exposure of sensitive information DoS System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Partial Fix
|
|
| OS: | VMware ESX Server 3.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| CVE reference: | CVE-2007-5232 CVE-2007-5236 CVE-2007-5237 CVE-2007-5238 CVE-2007-5239 CVE-2007-5240 CVE-2007-5274 CVE-2007-5333 CVE-2007-5342 CVE-2007-5461 CVE-2007-5689 CVE-2007-6286 CVE-2008-0657 CVE-2008-1185 CVE-2008-1186 CVE-2008-1187 CVE-2008-1188 CVE-2008-1189 CVE-2008-1190 CVE-2008-1191 CVE-2008-1192 CVE-2008-1193 CVE-2008-1194 CVE-2008-1195 CVE-2008-1196
|
|
Description: VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
For more information:
SA27009
SA27320
SA27398
SA28274
SA28795
SA28878
SA29239
Solution: Apply patches.
ESX 3.5 patch ESX350-200806404-SG:
http://download3.vmware.com/software/esx/ESX350-200806404-SG.zip
md5sum: 669e97880a21cce13eb7e9051f403162
http://kb.vmware.com/kb/1005219
ESX 3.0.1 and 3.0.2:
The patches are not yet available.
Original Advisory: http://www.vmware.com/security/advisories/VMSA-2008-0010.html
Other References: SA27009:
http://secunia.com/advisories/27009/
SA27320:
http://secunia.com/advisories/27320/
SA27398:
http://secunia.com/advisories/27398/
SA28274:
http://secunia.com/advisories/28274/
SA28795:
http://secunia.com/advisories/28795/
SA28878:
http://secunia.com/advisories/28878/
SA29239:
http://secunia.com/advisories/29239/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|