In association with heise online

31 January 2009, 19:59

Patches for VMware ESX and ESXi

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMware has released updates for the ESX server and ESXi hypervisor, to fix four vulnerabilities which affect VMware ESXi 3.5, VMware ESX 3.5, VMware ESX 3.0.3 and VMware ESX 3.0.2. One fix is for an issue with corrupted VMDK delta snapshots, which meant that if a corrupted snapshot was loaded, it was possible that it could crash the ESX host.

The net-snmp package was fixed to remove its vulnerability to denial-of-service attacks related to the processing of SNMP GETBULK commands. The XML parser library, libxml2, was also fixed as it suffered from an integer overflow vulnerability, which could cause a buffer overflow with a subsequent crash of the affected application, or potentially lead to execution of arbitrary code. A second bug fixed in the XML parser, made it possible to place the application in an endless loop, by feeding it malformed XML.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit