VMware New and Updated Advisories - SANS Internet Storm Center

VMware New and Updated Advisories
VMware issued the following security advisories: The VMware vCenter Chargeback Manager contains a vulnerability that allows information leakage and DoS [1]. VMware recommend applying the following patch available here [2]. The VMware VirtualCenter and ESX, Oracle (Sun) JRE update 1.5.0_32 Oracle (Sun) JRE is updated to version 1.5.0_32, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE [3]. VMware recommend applying the following patch for VMware Virtual Center 2.5 Update 6b available here [4] (registered users with a valid serial number) and ESX350-201203401-SG and here [5]. The following advisories have been updated VMware ESX third party updates for Service Console packages glibc and dhcp (VMSA-2011-0010.3) [6] VMware ESXi and ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3) [7] VMware third party component updates for VMware vCenter Server, vSphere Update Manager, ESXi and ESX (VMSA-2011-0013.2) [8] [1] http://www.vmware.com/security/advisories/VMSA-2012-0002.html [2] http://downloads.vmware.com/d/info/it_business_management/vmware_vcenter_chargeback/2_0 [3] http://www.vmware.com/security/advisories/VMSA-2012-0003.html [4] http://www.vmware.com/download/download.do?downloadGroup=VC250U6B [5] http://downloads.vmware.com/go/selfsupport-download [6] http://www.vmware.com/security/advisories/VMSA-2011-0010.html [7] http://www.vmware.com/security/advisories/VMSA-2011-0012.html [8] http://www.vmware.com/security/advisories/VMSA-2011-0013.html ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu	Guy 523 Posts ISC Handler Mar 9th 2012
Thread locked Subscribe	Mar 9th 2012 1 decade ago