Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[security-alerts] FW: [SA24636] VMware ESX Server Multiple Security Updates
> ----------------------------------------------------------------------
>
> TITLE:
> VMware ESX Server Multiple Security Updates
>
> SECUNIA ADVISORY ID:
> SA24636
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/24636/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> Manipulation of data, Privilege escalation, DoS, System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> VMware ESX Server 3.x
> http://secunia.com/product/10757/
> VMware ESX Server 2.x
> http://secunia.com/product/2125/
>
> DESCRIPTION:
> VMware has issued an update for VMware ESX Server. This fixes some
> vulnerabilities, which can be exploited by malicious, local users to
> gain escalated privileges, and by malicious people to overwrite
> arbitrary files, cause a DoS (Denial of Service) and potentially
> compromise a vulnerable system.
>
> For more information:
> SA21890
> SA21996
> SA23115
>
> Additionally, VMware ESX Server was updated to protect against a
> guest kernel memory corruption, which could cause a DoS and an error
> within 64bit syscall instruction handling. This, in turn, could cause
> a panic in 64bit virtual machines.
>
> SOLUTION:
> Apply patches. Please see vendor advisory for details.
>
> ORIGINAL ADVISORY:
> http://kb.vmware.com/kb/5031800
> http://kb.vmware.com/kb/5885387
> http://kb.vmware.com/kb/6856573
> http://kb.vmware.com/kb/3003211
> http://kb.vmware.com/kb/3194055
> http://kb.vmware.com/kb/3496682
>
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/
> 053268.html
>
> OTHER REFERENCES:
> SA21890:
> http://secunia.com/advisories/21890/
>
> SA21996:
> http://secunia.com/advisories/21996/
>
> SA23115:
> http://secunia.com/advisories/23115/
>
>
|