In association with heise online

31 October 2008, 14:20

VMware patches ESX Server

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMware has published updates for its ESX Server series to eliminate three vulnerabilities. These include an error in the SNMPv3 implementation that has been known about since the middle of the year. This nullifies the authentication function, enabling attackers to access the Server. The update also eliminates a buffer overflow in the [codelibtiff[/code] graphics library] through which arbitrary code can be injected and executed by means of crafted TIFF files.

Installing the update also eliminates an error in the libxml2 library that can crash applications accessing it. Not all of the errors are present in every version, however: a detailed overview is given in the original VMware Security Announcement, which also contains links to updates for the various versions.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit