Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: New VMWare Security Advisory - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New VMWare Security Advisory

VMWare released a new security advisory about a vulnerability in the krb5 (Kerberos) package. The vulnerability allows a remote attacker to cause a DoS or potentially execute arbitrary code on the ESX server.

According to the advisory available at http://lists.vmware.com/pipermail/security-announce/2009/000059.html all ESX versions are affected (ESXi is not affected), however, the Kerberos package is not installed by default.

In any case, I'd like to remind you to firewall and isolate your ESX servers as much as possible.

--
Bojan
 

I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Munich July 2019

Bojan

379 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!