Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Patches for critical VMWare vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Patches for critical VMWare vulnerability

Our friends at VMWare have made the ISC aware of new patches for both VMWare Hosted products, and for ESX which relates to the ability to execute on the host server from a guest operating system. 

The following releases have generally available patches:

 

  • VMware Workstation 6.5.1 and earlier
  • VMware Player 2.5.1 and earlier
  • VMware ACE 2.5.1 and earlier
  • VMware Server 2.0
  • VMware Server 1.0.8 and earlier
  • VMware Fusion 2.0.3 and earlier,
  • VMware ESXi 3.5 without patch ESXe350-200904201-O-SG 
  • VMware ESX 3.5 without patch ESX350-200904201-SG
  • VMware ESX 3.0.3 without patch ESX303-200904403-SG,
  • VMware ESX 3.0.2 without patch ESX-1008421.

Depending on your version, your only option may be to upgrade rather than patch.

Steve Hall

ISC Handler

www.tarkie.net

 

 

 Stephen

89 Posts
ISC Handler
Subscribe Apr 10th 2009
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!