|
VMware ESX Server update for Samba and vmnix
|
|
Secunia Advisory:
|
SA31246
|
|
|
Release Date:
|
2008-07-29
|
|
Last Update:
|
2008-10-31
|
|
Popularity:
|
3,256 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Exposure of sensitive information
Privilege escalation
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | VMware ESX Server 2.x
VMware ESX Server 3.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2006-4814
CVE-2007-5001
CVE-2007-6151
CVE-2007-6206
CVE-2008-0007
CVE-2008-1105
CVE-2008-1367
CVE-2008-1375
CVE-2008-1669
|
|
Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, to cause a DoS (Denial of Service), or to gain escalated privileges, and malicious people to compromise a vulnerable system.
For more information:
SA23436
SA27908
SA30108
SA30228
Solution:
Apply patches.
-- ESX 3.5 --
Apply ESX350-200806218-UG:
http://download3.vmware.com/software/esx/ESX350-200806218-UG.zip
md5sum: dfad21860ba24a6322b36041c0bc2a07
http://kb.vmware.com/kb/1005931
Apply ESX350-200806201-UG:
http://download3.vmware.com/software/esx/ESX350-200806201-UG.zip
md5sum: 2888192905a6763a069914fcd258d329
http://kb.vmware.com/kb/1005894
-- ESX 3.0.2 --
Apply patch ESX-1006029:
http://download3.vmware.com/software/vi/ESX-1006029.tgz
md5sum: 08b81541304a3a8a612679e6a50aaa6c
http://kb.vmware.com/kb/1006029
-- ESX 3.0.1 --
Apply patch ESX-1006028:
http://download3.vmware.com/software/vi/ESX-1006028.tgz
md5sum: 81e7e5771354340805ba6fb94ac7115a
http://kb.vmware.com/kb/1006028
-- ESX 2.5.5 --
Apply upgrade patch 10:
http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz
md5sum: 2ee87cdd70b1ba84751e24c0bd8b4621
http://vmware.com/support/esx25/doc/esx-255-200810-patch.html
-- ESX 2.5.4 --
Apply upgrade patch 21:
http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz
md5sum: d791be525c604c852a03dd7df0eabf35
http://vmware.com/support/esx25/doc/esx-254-200810-patch.html
Changelog:
2008-10-31: Updated "Solution" section with patches for ESX 2.5.4, 2.5.5, 3.0.1, and 3.0.2. Updated "Original Advisory" section.
Original Advisory:
VMSA-2008-0011:
http://lists.vmware.com/pipermail/security-announce/2008/000041.html
Other References:
SA23436:
http://secunia.com/advisories/23436/
SA27908:
http://secunia.com/advisories/27908/
SA30108:
http://secunia.com/advisories/30108/
SA30228:
http://secunia.com/advisories/30228/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
