Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: VMware New and Updated Advisories - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMware New and Updated Advisories

 VMware issued the following security advisories:

The VMware vCenter Chargeback Manager contains a vulnerability that allows information leakage and DoS [1]. VMware recommend applying the following patch available here [2].

The VMware VirtualCenter and ESX, Oracle (Sun) JRE update 1.5.0_32 Oracle (Sun) JRE is updated to version 1.5.0_32, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE [3]. VMware recommend applying the following patch for VMware Virtual Center 2.5 Update 6b available here [4] (registered users with a valid serial number) and ESX350-201203401-SG and here [5].

The following advisories have been updated

VMware ESX third party updates for Service Console packages glibc and dhcp (VMSA-2011-0010.3) [6]
VMware ESXi and ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3) [7]
VMware third party component updates for VMware vCenter Server, vSphere Update Manager, ESXi and ESX (VMSA-2011-0013.2) [8]

[1] http://www.vmware.com/security/advisories/VMSA-2012-0002.html
[2] http://downloads.vmware.com/d/info/it_business_management/vmware_vcenter_chargeback/2_0
[3] http://www.vmware.com/security/advisories/VMSA-2012-0003.html
[4] http://www.vmware.com/download/download.do?downloadGroup=VC250U6B
[5] http://downloads.vmware.com/go/selfsupport-download
[6] http://www.vmware.com/security/advisories/VMSA-2011-0010.html
[7] http://www.vmware.com/security/advisories/VMSA-2011-0012.html
[8] http://www.vmware.com/security/advisories/VMSA-2011-0013.html

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Guy

424 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!