Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Vulnerability Report: VMware ESX Server 3.x

This vulnerability report for VMware ESX Server 3.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in VMware ESX Server 3.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2014
2.2. Statistics for 2013
2.3. Statistics for 2012
2.4. Statistics for 2011
2.5. Statistics for 2010
2.6. Statistics for 2009
2.7. Statistics for 2008
2.8. Statistics for 2007
2.9. Statistics for 2006
2.10. Statistics for 2005
2.11. Statistics for 2004
2.12. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2014
3.2. List for 2013
3.3. List for 2012
3.4. List for 2011
3.5. List for 2010
3.6. List for 2009
3.7. List for 2008
3.8. List for 2007
3.9. List for 2006
3.10. List for 2005
3.11. List for 2004
3.12. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor VMware

Product Link View Here (Link to external site)

Affected By 69 Secunia advisories
603 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 7% (5 of 69 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting VMware ESX Server 3.x, with all vendor patches applied, is rated Highly critical .




69 Secunia Advisories in 2003-2014

Secunia has issued a total of 69 Secunia advisories in 2003-2014 for VMware ESX Server 3.x. Currently, 7% (5 out of 69) are marked as unpatched with the most severe being rated Highly critical

More information about the specific Secunia advisories affecting VMware ESX Server 3.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



VMware Products Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 2 in 2013. 2,197 views.
Release Date:
2013-02-22
Secunia Advisory ID:
SA52332
Solution Status:
Vendor Patch
Criticality:
Impact:
Manipulation of data
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged multiple vulnerabilities in multiple VMware products, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 2 in 2013. 2,671 views.
Release Date:
2013-02-01
Secunia Advisory ID:
SA52061
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of system information
DoS
System access
Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in VMware ESX Server, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. [Read More]


VMware Multiple Products Checkpoint File Parsing Vulnerability
Vendor Patch. Secunia Advisory 1 of 5 in 2012. 3,131 views.
Release Date:
2012-06-14
Secunia Advisory ID:
SA49430
Solution Status:
Vendor Patch
Criticality:
Impact:
System access
Where:
From remote
Short Description:
A vulnerability has been reported in multiple VMware products, which can be exploited by malicious people to compromise a user's system. [Read More]


VMware ESX Server / ESXi Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 5 in 2012. 3,467 views.
Release Date:
2012-05-04
Secunia Advisory ID:
SA49019
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
DoS
System access
Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in VMware ESX Server and VMware ESXi, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. [Read More]


VMware Multiple Products Privilege Escalation Security Issue
Vendor Patch. Secunia Advisory 3 of 5 in 2012. 2,159 views.
Release Date:
2012-04-13
Secunia Advisory ID:
SA48782
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
A security issue has been reported in multiple VMware products, which can be exploited by malicious, local users to gain escalated privileges. [Read More]


VMware ESX Server / ESXi I/O Handling ROM Overwrite Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 4 of 5 in 2012. 2,086 views.
Release Date:
2012-03-30
Secunia Advisory ID:
SA48669
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
Derek Soeder has reported a vulnerability in VMware ESX Server and VMware ESXi, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges. [Read More]


VMware ESX Server / VirtualCenter JRE Multiple Vulnerabilties
Vendor Patch. Secunia Advisory 5 of 5 in 2012. 2,738 views.
Release Date:
2012-03-09
Secunia Advisory ID:
SA48335
Solution Status:
Vendor Patch
Criticality:
Impact:
Hijacking
Spoofing
Manipulation of data
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged multiple vulnerabilities in ESX Server and VirtualCenter, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 8 in 2011. 3,832 views.
Release Date:
2011-10-28
Secunia Advisory ID:
SA46529
Solution Status:
Vendor Patch
Criticality:
Impact:
Hijacking
Security Bypass
Spoofing
Manipulation of data
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, conduct spoofing attacks, conduct DNS cache poisoning attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. [Read More]


VMware ESX / ESXi Server Multiple Vulnerabilities
Partial Fix. Secunia Advisory 2 of 8 in 2011. 5,959 views.
Release Date:
2011-10-13
Secunia Advisory ID:
SA46397
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Spoofing
Exposure of system information
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged multiple vulnerabilities in VMware ESX and ESXi Server, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security features, and cause a DoS (Denial of Service). [Read More]


VMware ESX Console OS (COS) Multiple Vulnerabilities
Partial Fix. Secunia Advisory 3 of 8 in 2011. 3,352 views.
Release Date:
2011-07-29
Secunia Advisory ID:
SA45467
Solution Status:
Partial Fix
Criticality:
Impact:
Privilege escalation
DoS
System access
Where:
From local network
Short Description:
VMware has acknowledged some vulnerabilities in Console OS (COS), which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to compromise a vulnerable system. [Read More]


VMware Products "mount.vmhgfs" Multiple Security Issues
Vendor Patch. Secunia Advisory 4 of 8 in 2011. 4,048 views.
Release Date:
2011-06-03
Secunia Advisory ID:
SA44840
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of system information
Privilege escalation
Where:
Local system
Short Description:
Some security issues have been reported in various VMware products, which can be exploited by malicious, local users in a guest virtual machine to disclose system information and gain escalated privileges. [Read More]


VMware ESX Server Console Kernel Multiple Vulnerabilities
Partial Fix. Secunia Advisory 5 of 8 in 2011. 2,812 views.
Release Date:
2011-06-03
Secunia Advisory ID:
SA44839
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
Where:
From remote
Short Description:
A security issue and some vulnerabilities have been reported in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS. [Read More]


VMware ESX Server / ESXi e1000 Driver Packet Filter Bypass Security Issue
Partial Fix. Secunia Advisory 6 of 8 in 2011. 2,098 views.
Release Date:
2011-06-03
Secunia Advisory ID:
SA44838
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Where:
From local network
Short Description:
A security issue has been reported in VMware ESX Server / ESXi, which can be exploited by malicious people to bypass certain security features. [Read More]


VMware ESX Server / ESXi OpenSSL Vulnerabilities
Partial Fix. Secunia Advisory 7 of 8 in 2011. 3,439 views.
Release Date:
2011-02-11
Secunia Advisory ID:
SA43312
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged some vulnerabilities in VMware ESX Server / ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. [Read More]


VMware Products Oracle (Sun) JRE Multiple Vulnerabilities
Partial Fix. Secunia Advisory 8 of 8 in 2011. 2,570 views.
Release Date:
2011-02-11
Secunia Advisory ID:
SA43309
Solution Status:
Partial Fix
Criticality:
Impact:
Manipulation of data
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged some vulnerabilities in VMware vCenter Server, Update Manager, and ESX Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system. [Read More]


VMware ESX Console OS (COS) Update for bzip2
Partial Fix. Secunia Advisory 1 of 16 in 2010. 2,066 views.
Release Date:
2010-12-07
Secunia Advisory ID:
SA42529
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for the Console OS (COS) bzip2 packages. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. [Read More]


VMware ESX Console OS (COS) Update for openssl
Partial Fix. Secunia Advisory 2 of 16 in 2010. 2,525 views.
Release Date:
2010-12-07
Secunia Advisory ID:
SA42467
Solution Status:
Partial Fix
Criticality:
Impact:
Manipulation of data
DoS
Where:
From remote
Short Description:
VMware has issued an update for the Console OS (COS) openssl packages. This fixes some vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service). [Read More]


VMware ESX Console OS (COS) Update for samba
Vendor Patch. Secunia Advisory 3 of 16 in 2010. 2,286 views.
Release Date:
2010-12-07
Secunia Advisory ID:
SA42531
Solution Status:
Vendor Patch
Criticality:
Impact:
System access
Where:
From local network
Short Description:
VMware has issued an update for the Console OS (COS) samba packages. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. [Read More]


VMware Products VMware Tools Command Injection Vulnerability
Vendor Patch. Secunia Advisory 4 of 16 in 2010. 3,688 views.
Release Date:
2010-12-03
Secunia Advisory ID:
SA42480
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Where:
Local system
Short Description:
A vulnerability has been reported in VMware Workstation, Player, Fusion, ESX, and ESXi, which can be exploited by malicious, local users to bypass certain security restrictions. [Read More]


VMware ESX Server Multiple Vulnerabilities
Partial Fix. Secunia Advisory 5 of 16 in 2010. 2,798 views.
Release Date:
2010-09-01
Secunia Advisory ID:
SA41196
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), malicious users to cause a DoS, and malicious people to bypass certain security restrictions and potentially compromise a vulnerable system. [Read More]


VMware ESX Server update for kernel
Vendor Patch. Secunia Advisory 6 of 16 in 2010. 2,692 views.
Release Date:
2010-06-25
Secunia Advisory ID:
SA40368
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Exposure of sensitive information
Privilege escalation
DoS
Where:
From local network
Short Description:
VMware has issued an update for the Console OS (COS) kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose potentially sensitive information, potentially gain escalated privileges, or to cause a DoS (Denial of Service) and by malicious people to cause a DoS. [Read More]


VMware ESX gzip "unlzw()" Integer Underflow Vulnerability
Unpatched. Secunia Advisory 7 of 16 in 2010. 3,252 views.
Release Date:
2010-05-28
Secunia Advisory ID:
SA39975
Solution Status:
Unpatched
Criticality:
Impact:
System access
Where:
From remote
Short Description:
VMware has acknowledged a vulnerability in various VMware ESX products, which can be exploited by malicious people to potentially compromise a user's system. [Read More]


VMware ESX GCC libtool Search Path Privilege Escalation Security Issue
Unpatched. Secunia Advisory 8 of 16 in 2010. 3,212 views.
Release Date:
2010-05-28
Secunia Advisory ID:
SA39974
Solution Status:
Unpatched
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
VMware has acknowledged a security issue in various VMware ESX products, which can be exploited by malicious, local users to potentially gain escalated privileges. [Read More]


VMware ESX Multiple krb5 Vulnerabilities
Unpatched. Secunia Advisory 9 of 16 in 2010. 4,289 views.
Release Date:
2010-05-28
Secunia Advisory ID:
SA39973
Solution Status:
Unpatched
Criticality:
Impact:
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged a security issue and some vulnerabilities in various VMware ESX products, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service) or potentially compromise a vulnerable system. [Read More]


VMware Products VMware Tools Two Vulnerabilities
Vendor Patch. Secunia Advisory 10 of 16 in 2010. 5,120 views.
Release Date:
2010-04-09
Secunia Advisory ID:
SA39198
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
System access
Where:
From remote
Short Description:
Two vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to potentially gain escalated privileges, and by malicious people to compromise a vulnerable system. [Read More]


VMware ESX Server Samba Multiple Vulnerabilities
Unpatched. Secunia Advisory 11 of 16 in 2010. 2,780 views.
Release Date:
2010-04-05
Secunia Advisory ID:
SA39218
Solution Status:
Unpatched
Criticality:
Impact:
Security Bypass
Exposure of sensitive information
DoS
Where:
From local network
Short Description:
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to bypass certain security restrictions, disclose sensitive information, and cause a DoS (Denial of Service). [Read More]


VMware ESX / VirtualCenter WebAccess Forwarding Security Issue
Unpatched. Secunia Advisory 12 of 16 in 2010. 2,391 views.
Release Date:
2010-03-30
Secunia Advisory ID:
SA39197
Solution Status:
Unpatched
Criticality:
Impact:
Security Bypass
Where:
From local network
Short Description:
A security issue has been reported in VMware ESX and VMware VirtualCenter, which can be exploited by malicious people to bypass certain security restrictions. [Read More]


VMware ESX WebAccess Two Vulnerabilities
Vendor Patch. Secunia Advisory 13 of 16 in 2010. 2,646 views.
Release Date:
2010-03-30
Secunia Advisory ID:
SA39171
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Cross Site Scripting
Where:
From local network
Short Description:
Two vulnerabilities have been reported in VMware ESX, which can be exploited by malicious people to disclose sensitive information and by malicious users to conduct script insertion attacks. [Read More]


VMware ESX Server Multiple Vulnerabilities
Partial Fix. Secunia Advisory 14 of 16 in 2010. 3,576 views.
Release Date:
2010-03-04
Secunia Advisory ID:
SA38832
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
Where:
From local network
Short Description:
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]


VMware ESX Server update for net-snmp
Vendor Patch. Secunia Advisory 15 of 16 in 2010. 2,476 views.
Release Date:
2010-02-17
Secunia Advisory ID:
SA38562
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
Where:
From local network
Short Description:
VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]


VMware Products JRE Multiple Vulnerabilities
Partial Fix. Secunia Advisory 16 of 16 in 2010. 4,846 views.
Release Date:
2010-02-01
Secunia Advisory ID:
SA38438
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system. [Read More]


VMware Products Update for Multiple Packages
Partial Fix. Secunia Advisory 1 of 13 in 2009. 10,352 views.
Release Date:
2009-11-23
Secunia Advisory ID:
SA37460
Solution Status:
Partial Fix
Criticality:
Impact:
Unknown
Security Bypass
Cross Site Scripting
Manipulation of data
Exposure of system information
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has issued updates for multiple packages. These fix vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to disclose sensitive information or manipulate certain data, and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system. [Read More]


VMware ESX and vMA Update for Multiple Packages
Partial Fix. Secunia Advisory 2 of 13 in 2009. 7,769 views.
Release Date:
2009-11-23
Secunia Advisory ID:
SA37471
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Spoofing
Exposure of system information
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued updates for ESX and vMA. These fix some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service), by malicious users to cause a DoS and potentially gain escalated privileges, and by malicious people to disclose potentially sensitive information, conduct spoofing attacks, cause a DoS, or compromise a vulnerable system. [Read More]


VMware Products Directory Traversal File Disclosure Vulnerability
Vendor Patch. Secunia Advisory 3 of 13 in 2009. 4,885 views.
Release Date:
2009-10-28
Secunia Advisory ID:
SA37186
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
Where:
From local network
Short Description:
A vulnerability has been reported in VMware Server, VMware ESX, and VMware ESXi, which can be exploited by malicious people to disclose sensitive information. [Read More]


VMware Products Guest Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 4 of 13 in 2009. 5,024 views.
Release Date:
2009-10-28
Secunia Advisory ID:
SA37172
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
A vulnerability has been reported in various VMware products, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges. [Read More]


VMware ESX Server update for DHCP, kernel, and JRE
Vendor Patch. Secunia Advisory 5 of 13 in 2009. 4,593 views.
Release Date:
2009-10-19
Secunia Advisory ID:
SA37081
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Exposure of system information
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges, and by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system. [Read More]


VMware ESX Server update for krb5
Partial Fix. Secunia Advisory 6 of 13 in 2009. 5,084 views.
Release Date:
2009-07-01
Secunia Advisory ID:
SA35667
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. [Read More]


VMware Products Descheduled Time Accounting Driver Denial of Service
Vendor Patch. Secunia Advisory 7 of 13 in 2009. 4,776 views.
Release Date:
2009-05-29
Secunia Advisory ID:
SA35269
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
Where:
Local system
Short Description:
A vulnerability has been reported in VMware products, which can be exploited by malicious, local users to cause a DoS (Denial of Service). [Read More]


VMware Products Display Function Security Bypass Vulnerability
Vendor Patch. Secunia Advisory 8 of 13 in 2009. 3,765 views.
Release Date:
2009-04-13
Secunia Advisory ID:
SA34697
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Where:
Local system
Short Description:
A vulnerability has been reported in multiple VMware products, which can be exploited by malicious, local users to bypass certain security restrictions. [Read More]


VMware Virtual Infrastructure Client Password Disclosure Weakness
Vendor Patch. Secunia Advisory 9 of 13 in 2009. 4,821 views.
Release Date:
2009-04-06
Secunia Advisory ID:
SA34585
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
Where:
Local system
Short Description:
A weakness has been reported in VMware Virtual Infrastructure Client, which can be exploited by malicious, local users to disclose sensitive information. [Read More]


VMware ESX Server Update for Multiple Packages
Partial Fix. Secunia Advisory 10 of 13 in 2009. 3,858 views.
Release Date:
2009-04-01
Secunia Advisory ID:
SA34530
Solution Status:
Partial Fix
Criticality:
Impact:
Spoofing
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to conduct spoofing attacks or to compromise a user's system. [Read More]


VMware Multiple Products Tomcat Vulnerabilities
Partial Fix. Secunia Advisory 11 of 13 in 2009. 6,176 views.
Release Date:
2009-02-24
Secunia Advisory ID:
SA34013
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Cross Site Scripting
Exposure of system information
Exposure of sensitive information
Where:
From remote
Short Description:
VMware has acknowledged some vulnerabilities in multiple VMware products, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or disclose sensitive information. [Read More]


VMware ESX / ESXi VMDK Delta Disk Denial of Service Weakness
Vendor Patch. Secunia Advisory 12 of 13 in 2009. 6,780 views.
Release Date:
2009-02-02
Secunia Advisory ID:
SA33776
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
Where:
From remote
Short Description:
A weakness has been reported in VMware ESX / ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]


VMware ESX Server update for net-snmp and libxml2
Vendor Patch. Secunia Advisory 13 of 13 in 2009. 6,192 views.
Release Date:
2009-02-02
Secunia Advisory ID:
SA33746
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. [Read More]


VMware ESX Server update for bzip2
Partial Fix. Secunia Advisory 1 of 17 in 2008. 5,707 views.
Release Date:
2008-12-03
Secunia Advisory ID:
SA32952
Solution Status:
Partial Fix
Criticality:
Impact:
DoS
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]


VMware ESX / ESXi Two Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 17 in 2008. 10,978 views.
Release Date:
2008-12-03
Secunia Advisory ID:
SA32965
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
Security Bypass
Where:
Local system
Short Description:
Two vulnerabilities have been reported in VMware ESX / ESXi, which can be exploited by malicious, local users to bypass certain security restrictions or to cause a DoS (Denial of Service). [Read More]


VMware ESX / ESXi Privilege Escalation and Directory Traversal Vulnerability
Vendor Patch. Secunia Advisory 3 of 17 in 2008. 8,039 views.
Release Date:
2008-11-07
Secunia Advisory ID:
SA32624
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
Some vulnerabilities have been reported in VMware ESX and ESXi, which can be exploited by malicious, local users to gain escalated privileges. [Read More]


VMware ESX Server update for libxml2
Vendor Patch. Secunia Advisory 4 of 17 in 2008. 7,026 views.
Release Date:
2008-10-31
Secunia Advisory ID:
SA32488
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. [Read More]


VMware ESX Server Sun Java JDK / JRE Multiple Vulnerabilities
Partial Fix. Secunia Advisory 5 of 17 in 2008. 8,541 views.
Release Date:
2008-10-06
Secunia Advisory ID:
SA32180
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Exposure of system information
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious people to bypass certain security restrictions, disclose system information or potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. [Read More]


VMware ESX / ESXi "JMP" Privilege Escalation Vulnerability
Vendor Patch. Secunia Advisory 6 of 17 in 2008. 4,979 views.
Release Date:
2008-10-06
Secunia Advisory ID:
SA32157
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
Where:
Local system
Short Description:
A vulnerability has been reported in VMware ESX / ESXi, which can be exploited by malicious, local users to gain escalated privileges. [Read More]


VMware ESX / ESXi openwsman HTTP Basic Authentication Buffer Overflow
Vendor Patch. Secunia Advisory 7 of 17 in 2008. 6,678 views.
Release Date:
2008-09-19
Secunia Advisory ID:
SA31942
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
System access
Where:
From local network
Short Description:
VMware has issued an update for openwsman. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. [Read More]


VMware ESX / ESXi Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 8 of 17 in 2008. 8,926 views.
Release Date:
2008-09-01
Secunia Advisory ID:
SA31713
Solution Status:
Vendor Patch
Criticality:
Impact:
DoS
Where:
From remote
Short Description:
VMware has acknowledged a weakness and a vulnerability in VMware ESX Server, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service). [Read More]


VMware updates for OpenSSL, net-snmp, and perl
Vendor Patch. Secunia Advisory 9 of 17 in 2008. 8,150 views.
Release Date:
2008-08-13
Secunia Advisory ID:
SA31467
Solution Status:
Vendor Patch
Criticality:
Impact:
Spoofing
DoS
System access
Where:
From remote
Short Description:
VMware has issued updated OpenSSL, net-snmp, and perl packages. This fixes some vulnerabilities, which can be exploited by malicious people to spoof authenticated SNMPv3 packets, cause a DoS (Denial of Service), and compromise a vulnerable system. [Read More]


VMware ESX Server update for Samba and vmnix
Vendor Patch. Secunia Advisory 10 of 17 in 2008. 9,184 views.
Release Date:
2008-07-29
Secunia Advisory ID:
SA31246
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, to cause a DoS (Denial of Service), or to gain escalated privileges, and malicious people to compromise a vulnerable system. [Read More]


VMware ESX Server update for Tomcat and Java JRE
Partial Fix. Secunia Advisory 11 of 17 in 2008. 12,368 views.
Release Date:
2008-06-17
Secunia Advisory ID:
SA30676
Solution Status:
Partial Fix
Criticality:
Impact:
Security Bypass
Manipulation of data
Exposure of system information
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system. [Read More]


VMware Products Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 12 of 17 in 2008. 13,398 views.
Release Date:
2008-06-05
Secunia Advisory ID:
SA30556
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Privilege escalation
Where:
Local system
Short Description:
Some vulnerabilities have been reported in multiple VMware Products, which can be exploited by malicious, local users to bypass certain security restrictions or to gain escalated privileges. [Read More]


VMware ESX Server Multiple Security Updates
Vendor Patch. Secunia Advisory 13 of 17 in 2008. 11,416 views.
Release Date:
2008-06-05
Secunia Advisory ID:
SA30535
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Security Updates
Vendor Patch. Secunia Advisory 14 of 17 in 2008. 10,769 views.
Release Date:
2008-04-16
Secunia Advisory ID:
SA29785
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Updates
Vendor Patch. Secunia Advisory 15 of 17 in 2008. 13,777 views.
Release Date:
2008-02-22
Secunia Advisory ID:
SA29032
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Exposure of sensitive information
DoS
System access
Where:
From remote
Short Description:
VMware has issued updates for VMware ESX Server. These fix some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. [Read More]


VMware ESX Server and VirtualCenter Multiple Security Updates
Vendor Patch. Secunia Advisory 16 of 17 in 2008. 12,414 views.
Release Date:
2008-01-08
Secunia Advisory ID:
SA28365
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
DoS
System access
Where:
From remote
Short Description:
VMware has issued updates for VMware ESX Server and VirtualCenter. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service) or compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Security Updates
Vendor Patch. Secunia Advisory 17 of 17 in 2008. 13,544 views.
Release Date:
2008-01-08
Secunia Advisory ID:
SA28368
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Security Updates
Vendor Patch. Secunia Advisory 1 of 6 in 2007. 18,329 views.
Release Date:
2007-09-20
Secunia Advisory ID:
SA26909
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, perform certain actions with escalated privileges, or to cause a DoS (Denial of Service), by malicious users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. [Read More]


VMWare Products Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 6 in 2007. 28,301 views.
Release Date:
2007-09-20
Secunia Advisory ID:
SA26890
Solution Status:
Vendor Patch
Criticality:
Impact:
Privilege escalation
DoS
System access
Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system. [Read More]


VMware Products Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 6 in 2007. 17,652 views.
Release Date:
2007-05-01
Secunia Advisory ID:
SA25079
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
DoS
Where:
Local system
Short Description:
Some vulnerabilities have been reported in various VMware products, which can be exploited by malicious users to cause a DoS (Denial of Service) or bypass certain security restrictions. [Read More]


VMware ESX Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 4 of 6 in 2007. 21,042 views.
Release Date:
2007-04-05
Secunia Advisory ID:
SA24788
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges, and malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. [Read More]


VMware ESX Server Multiple Security Updates
Vendor Patch. Secunia Advisory 5 of 6 in 2007. 13,332 views.
Release Date:
2007-03-30
Secunia Advisory ID:
SA24636
Solution Status:
Vendor Patch
Criticality:
Impact:
Manipulation of data
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to overwrite arbitrary files, cause a DoS (Denial of Service) and potentially compromise a vulnerable system. [Read More]


VMWare ESX Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 6 of 6 in 2007. 18,968 views.
Release Date:
2007-01-09
Secunia Advisory ID:
SA23680
Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Exposure of sensitive information
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
Some vulnerabilities have been reported in VMWare ESX Server, which can be exploited by malicious people to gain knowledge of sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), gain escalated privileges, or compromise a system. [Read More]


VMware ESX Server x87 Register Information Leak
Vendor Patch. Secunia Advisory 1 of 2 in 2006. 12,584 views.
Release Date:
2006-11-14
Secunia Advisory ID:
SA22876
Solution Status:
Vendor Patch
Criticality:
Impact:
Exposure of sensitive information
System access
Where:
Local system
Short Description:
A security issue has been reported in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive information. [Read More]


VMware vmware-config.pl Insecure SSL Key File Permissions
Partial Fix. Secunia Advisory 2 of 2 in 2006. 19,316 views.
Release Date:
2006-07-19
Secunia Advisory ID:
SA21120
Solution Status:
Partial Fix
Criticality:
Impact:
Exposure of sensitive information
Where:
Local system
Short Description:
Nick Brees has reported a vulnerability in VMware, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. [Read More]





Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: VMware ESX Server 3.x 
No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability