Jul022009

New VMWare Security Advisory

Published by hirantha at 8:30 AM under Security | Virtualization | VMWare

VMWare released a new security advisory about a vulnerability in the krb5 (Kerberos) package. The vulnerability allows a remote attacker to cause a DoS or potentially execute arbitrary code on the ESX server.


According to the advisory available at http://lists.vmware.com/pipermail/security-announce/2009/000059.html all ESX versions are affected (ESXi is not affected), however, the Kerberos package is not installed by default.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: , ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses

Apr042009

VMware Updates

Published by hirantha at 6:30 PM under Security | Virtualization

Technorati Tags: ,

There were two new updates were released today.  The first update addresses issues with openssl, vim, and bind; the second update addresses multiple issues.

The first update is for the VMware ESX 3.0.2 and 3.0.3 release, and the second update applies to the following releases:
   VMware Workstation 6.5.1 and earlier,
   VMware Player 2.5.1 and earlier,
   VMware ACE 2.5.1 and earlier,
   VMware Server 2.0,
   VMware Server 1.0.8 and earlier,
   VMware ESXi 3.5 without patches ESXe350-200811401-O-SG, ESXe350-200903201-O-UG
   VMware ESX 3.5 without patches ESX350-200811401-SG, ESX350-200903201-UG
   VMware ESX 3.0.3 without patch ESX303-200811401-BG
   VMware ESX 3.0.2 without patch ESX-1006980


For full details on both updates, please visit the lists.vmware.com website.



  [Twitter] [Digg] [Facebook] [Google] [StumbleUpon]

Tags: , ,

 

E-mail | Permalink | Trackback | Post RSSRSS comment feed 0 Responses