Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: VMWare Security Advisory VMSA-2011-0001 SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMWare Security Advisory VMSA-2011-0001

VMWare today released Security Advisory VMSA-2011-0001 [1] as well as updated two of last years security advisories [2],[3]

The update patches glibc, sudo and openldap that are used as part of VMWare ESX. The vulnerabilities could be used to escalate privileges if a user has access to the VMWare console or launch a denial of service attack.

Component CVE Number CVSS Base Score Access
glibc CVE-2010-3847 (not yet released)   - -
  CVE-2010-3856 (not yet released)   - -
sudo CVE-2010-2956  6.2 Medium local
openldap CVE-2010-0211  5.0 Medium network
  CVE-2010-0212 5.0 Medium network




Johannes B. Ullrich, Ph.D.
SANS Technology Institute


3904 Posts
ISC Handler
Jan 5th 2011

Sign Up for Free or Log In to start participating in the conversation!