VMware Security Advisory

Advisory ID: VMSA-2009-0008
Synopsis: ESX Service Console update for krb5
Issue date: 2009-06-30
Updated on: 2009-06-30 (initial release of advisory)
CVE numbers: CVE-2009-0846

1. Summary

Service Console package krb5 has been updated to version
krb5-1.2.7-70.

2. Relevant releases

VMware ESX 3.5.0 without patch ESX350-200906407-SG

3. Problem Description

a. Service Console package krb5 update to version krb5-1.2.7-70

Kerberos is a network authentication protocol. It is designed to
provide strong authentication for client/server applications by
using secret-key cryptography.

An input validation flaw in the asn1_decode_generaltime function in
MIT Kerberos 5 before 1.6.4 allows remote attackers to cause a
denial of service or possibly execute arbitrary code via vectors
involving an invalid DER encoding that triggers a free of an
uninitialized pointer.

A remote attacker could use this flaw to crash a network service
using the MIT Kerberos library, such as kadmind or krb5kdc, by
causing it to dereference or free an uninitialized pointer or,
possibly, execute arbitrary code with the privileges of the user
running the service.

NOTE: ESX by default is unaffected by this issue, the daemons
kadmind and krb5kdc are not installed in ESX.

VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues

Advisory ID:       VMSA-2009-0007
Synopsis:          VMware Hosted products and ESX and ESXi patches
resolve security issues
Issue date:        2009-05-28
Updated on:        2009-05-28 (initial release of advisory)
CVE numbers:       CVE-2009-1805 CVE-2009-0040 CVE-2008-1382
- ————————————————————————

1. Summary

VMware Hosted products and ESX and ESXi patches resolve a security
issue. Update patch 13 for ESX 2.5.5 updates the libpng Service
Console RPM.

This patch fixes a denial of service vulnerability that could be
triggered in a virtual machine by an unprivileged, locally
logged-on user in the virtual machine.

Advisory ID:       VMSA-2009-0004.2
Synopsis:          ESX Service Console updates for openssl, bind, and
vim
Issue date:        2009-03-31
Updated on:        2009-06-01
CVE numbers:       CVE-2008-5077 CVE-2009-0025 CVE-2008-4101
CVE-2008-3432 CVE-2008-2712 CVE-2007-2953

1. Summary

ESX patches for OpenSSL, vim and bind resolve several security
issues.

2. Relevant releases

VMware ESX 3.5 without patches ESX350-200904408-SG,
ESX350-200904407-SG,
ESX350-200904406-SG

VMware ESX 3.0.3 without patches ESX303-200903406-SG,
ESX303-200903405-SG,
ESX303-200903403-SG

VMware ESX 3.0.2 without patches ESX-1008409, ESX-1008408,
ESX-1008406

VMware ESX 2.5.5 without update patch 13

Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08.
Users should plan to upgrade to ESX 3.0.3 and preferably to
the newest release available.

For more information please refer to http://www.vmware.com/security

————————————————————————-

VMware Security Advisory

Advisory ID:       VMSA-2009-0004
Synopsis:          ESX Service Console updates for openssl, bind, and
vim
Issue date:        2009-03-31
Updated on:        2009-03-31 (initial release of advisory)
CVE numbers:       CVE-2008-5077 CVE-2009-0025 CVE-2008-4101
CVE-2008-3432 CVE-2008-2712 CVE-2007-2953
————————————————————————-

1. Summary

ESX patches for OpenSSL, vim and bind resolve several security
issues.

2. Relevant releases

VMware ESX 3.0.3 without patches ESX303-200903406-SG,
ESX303-200903405-SG,
ESX303-200903403-SG

VMware ESX 3.0.2 without patches ESX-1008409, ESX-1008408,
ESX-1008406

Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08.
Users should plan to upgrade to ESX 3.0.3 and preferably to
the newest release available.

See VMware Security Center for more info http://www.vmware.com/security

Update for VirtualCenter updates the Tomcat package to version 5.5.27 which addresses multiple security issues that existed in the previous
version of Apache Tomcat.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-1232, CVE-2008-1947 and CVE-2008-2370 to these issues.

For more information see this link…

ESX 2.5.5 patch 12 Build 142708 updates service console package

A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor.

The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-3916 to this issue.   For more information follow this link…