Syswoody

Blog de Sistemas Informáticos

Vmware

CVE-2010-3081 Fallo de Seguridad en Vmware 4.1 ESX

Poradmin

Dic 6, 2010 
Fallo en el Kernel de ESX de Vmware permite elevacion de privilegios.

1. Summary

   ESX Service Console OS (COS) kernel update.

2. Relevant releases

   VMware ESX 4.1 without patch ESX410-201011001

3. Problem Description

 a. Service Console OS update for COS kernel package.

    This patch updates the Service Console kernel to fix a stack
    pointer underflow issue in the 32-bit compatibility layer.

    Exploitation of this issue could allow a local user to gain
    additional privileges.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2010-3081 to this issue.

    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected

    hosted *       any       any      not affected

    ESXi           any       ESXi     not affected

    ESX            4.1       ESX      ESX410-201011402-SG
    ESX            4.0       ESX      patch pending
    ESX            3.x       ESX      not applicable

  * hosted products are VMware Workstation, Player, ACE, Fusion.

4. Solution

   Please review the patch/release notes for your product and version
   and verify the md5sum of your downloaded file.

   ESX 4.1
   -------
   ESX410-201011001
   Download link:
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-253-20101122-763
417/ESX410-201011001.zip
   md5sum: e73fd3302529c1d85d9cc47457dfb963
   sha1sum: c0e0eac907c04105791ac44e288e7d8076dc14e0
   http://kb.vmware.com/kb/1029400

   ESX410-201011001 contains the following security bulletins:
   ESX410-201011402-SG (COS kernel) | http://kb.vmware.com/kb/1029397

   ESX410-201011001 also contains the following non-security bulletins
   ESX410-201011401-BG

   To install an individual bulletin use esxupdate with the -b option.

5. References

   CVE numbers
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081

- ------------------------------------------------------------------------

6. Change log

2010-11-29  VMSA-2010-0017
Initial security advisory after release of patches for ESX 4.1
on 2010-11-29

Via:http://lists.vmware.com/pipermail/security-announce/2010/000111.html

Noticias de informática:

  1. Disk Mount Vmware desde consola
  2. Redimensionar Discos VMDK
  3. Vmware 7.1 disponible
  4. Vmware Converter portable 3.0.1

Por admin

Entrada relacionada

Virtualización Software Vmware

¡VMWare Workstation Pro y Fusion Pro ahora son gratuitos para uso personal!

May 25, 2024 admin
Vmware

Roban el código de Vmware ESX

Abr 26, 2012 admin
Vmware

VMware Converter Runtime Error

Feb 4, 2012 admin

Deja una respuesta

You missed

Seguridad Sistemas Windows

Microsoft actualizaciones de seguridad windows en Junio 2024

23/06/2024 admin
Windows Fallos de Seguridad Ofimatica

Microsoft Outlook presenta grave vulnerabilidad zero-click

22/06/2024 admin
WordPress Fallos de Seguridad Web

Plugin de WordPress WP Fastest Cache vulnerable a ataques SQL

27/05/2024 admin
WordPress Fallos de Seguridad Seguridad

Vulnerabilidad crítica en el Plugin WP-Automatic permite tomar control total del servidor

26/05/2024 admin
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Powered By
100% Free SEO Tools - Tool Kits PRO