In association with heise online

02 April 2009, 11:10

VMWare ESX Server patches

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMWare has released security updates for the ESX Server service console, which close security vulnerabilities in OpenSSL, BIND and vim. The SSL error can be exploited to allow a forged certificate to skip validation checks, while the BIND error allowed a malicious zone to present a malformed DSA certificate and also bypass proper certificate validation.

Patches are available for ESX version 3.0.2 and 3.0.3 and links can be found in the original advisory. According to the manufacturer, patches for version 3.5 and 2.5.5 are still in the works.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit