CERT mailing list archives
Current Activity - VMware Releases Multiple Updates for ESX
From: Current Activity <us-cert () us-cert gov>
Date: Fri, 8 Jan 2010 11:21:30 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity VMware Releases Multiple Updates for ESX Original release date: January 8, 2010 at 11:05 am Last revised: January 8, 2010 at 11:05 am VMware has released Security Advisory VMSA-2010-0001 to address multiple vulnerabilities in ESX Service Console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR). Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, bypass security restrictions, and compromise a vulnerable system. Additionally, VMware has updated two previously released advisories: VMSA-2009-0014.2 that addresses vulnerabilities in the DHCP, Service Console Kernel, and Java JRE packages for ESX, and VMSA-2009-0004.3 that addresses vulnerabilities in the OpenSSL, BIND, and Vim packages for ESX. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2010-0001, VMSA-2009-0014.2, and VMSA-2009-0004.3 and apply any necessary updates to help mitigate the risks. Relevant Url(s): <http://lists.vmware.com/pipermail/security-announce/2010/000076.html> <http://lists.vmware.com/pipermail/security-announce/2010/000075.html> <http://lists.vmware.com/pipermail/security-announce/2010/000077.html> ==== This entry is available at http://www.us-cert.gov/current/index.html#vmware_releases_security_advisory3 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS0dbctucaIvSvh1ZAQIeSAgAkoAXo8SLD7AKb8/a+VIV7h8VF4ETGko1 ugm60egHHOYzZftAW6mBxmch/0VbnFG7Dj051Qro/kY5bm4exU4V2LusGDh7kX0s UPPe2wExbgc3OThmGMrJj3Za61o/eKCs0nlk0bBHXQsfV6Ie5LI0ilrykyifu+jH g6rxbxaS6ej1T0Dg2HBllEGaZ4HWBQNTTrA2hQmwPekHe6/4xEFFAexTGxUP+RKA 56nn3Vi9gNx9bgTle5nbpVM/SHc1xYwow0tQjl5hRVfhHc++YwSqy+yfU5g7MuTh sI7s0E3JN6LYjhe7PpB6BfnvIy1zaIqSEga6NKu/KycTLjRJvaOo3A== =wdpq -----END PGP SIGNATURE-----
Current thread:
- Current Activity - VMware Releases Multiple Updates for ESX Current Activity (Jan 08)