Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Nmap 5.61TEST5 released with 43 new scripts,improved OS & version detection, and more available for download - http://nmap.org/download.html

VMware New and Updated Advisories

Published: 2012-03-09
Last Updated: 2012-03-09 22:22:12 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

 VMware issued the following security advisories:

The VMware vCenter Chargeback Manager contains a vulnerability that allows information leakage and DoS [1]. VMware recommend applying the following patch available here [2].

The VMware VirtualCenter and ESX, Oracle (Sun) JRE update 1.5.0_32 Oracle (Sun) JRE is updated to version 1.5.0_32, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE [3]. VMware recommend applying the following patch for VMware Virtual Center 2.5 Update 6b available here [4] (registered users with a valid serial number) and ESX350-201203401-SG and here [5].

The following advisories have been updated

VMware ESX third party updates for Service Console packages glibc and dhcp (VMSA-2011-0010.3) [6]
VMware ESXi and ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3) [7]
VMware third party component updates for VMware vCenter Server, vSphere Update Manager, ESXi and ESX (VMSA-2011-0013.2) [8]

[1] http://www.vmware.com/security/advisories/VMSA-2012-0002.html
[2] http://downloads.vmware.com/d/info/it_business_management/vmware_vcenter_chargeback/2_0
[3] http://www.vmware.com/security/advisories/VMSA-2012-0003.html
[4] http://www.vmware.com/download/download.do?downloadGroup=VC250U6B
[5] http://downloads.vmware.com/go/selfsupport-download
[6] http://www.vmware.com/security/advisories/VMSA-2011-0010.html
[7] http://www.vmware.com/security/advisories/VMSA-2011-0012.html
[8] http://www.vmware.com/security/advisories/VMSA-2011-0013.html

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

0 comment(s)
Diary Archives