DarkFiber Consulting – IT Managed Services

VMware Releases Security Advisory VMSA-2008-0018 and Updates VMSA-2008-0016.1

November 10th, 2008 . by DarkFiber Consulting

VMware has released Security Advisory VMSA-2008-0018 and has updated Security Advisory VMSA-2008-0016.1 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to conduct directory traversal attacks, operate with escalated privileges, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review VMware Security Advisories VMSA-2008-0018 and VMSA-2008-0016.1 and apply any necessary updates to help mitigate the risks.

VMware Releases Security Advisory VMSA-2008-0017

October 31st, 2008 . by DarkFiber Consulting

VMware has released a Security Advisory indicating it has updated the ESX packages to address vulnerabilities in libxml2, ucd-snmp, and libtiff. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, spoof authenticated SNMPv3 packets, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review VMware Security Advisory VMSA-2008-0017 and apply any necessary updates to help mitigate the risks.

VMware Security Advisory VMSA-2008-0016

October 6th, 2008 . by DarkFiber Consulting

VMware has released Security Advisory VMSA-2008-0016 to address multiple vulnerabilities. These vulnerabilities affect VMware hosted products, VirtualCenter, ESX, and ESXi. Exploitation of these vulnerabilities may allow an attacker to operate with escalated privileges in a guest operating system, obtain sensitive information, bypass security restrictions, or cause a denial-of-service condition.

DarkFiber Consulting encourages users to review VMware Security Advisory VMSA-2008-0016 and apply any necessary updates to help mitigate the risks.

VMware Releases Security Advisory VMSA-0008-0015

September 19th, 2008 . by DarkFiber Consulting

VMware has released a Security Advisory indicating it has updated the ESXi and ESX 3.5 packages to address a vulnerability in “openwsman”. This vulnerability is due to several buffer overflow conditions in the handling of HTTP basic authentication headers. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on the host running ESXi or ESX.

DarkFiber Consulting encourages users and administrators to review VMware Security Advisory VMSA-0008-0015 and apply any necessary updates to help mitigate the risks.