exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

VMware Security Advisory 2006-0004.asc

VMware Security Advisory 2006-0004.asc
Posted Aug 17, 2006
Authored by VMware | Site vmware.com

VMware Security Advisory - Three vulnerabilities have been addressed in VMWare ESX.

tags | advisory, vulnerability
advisories | CVE-2005-3618, CVE-2005-3620, CVE-2006-2481
SHA-256 | bbf9b9eec0618eef1cc22c20191021d149ef39888c4f7849cc0823e1fc498e76

VMware Security Advisory 2006-0004.asc

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


- -------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2006-0004
Synopsis: Cross site scripting vulnerability and other fixes
Knowledge base URL:http://kb.vmware.com/kb/2118366
Issue date: 2006-07-27
Updated on: 2006-07-27
CVE Names: CVE-2005-3618 CVE-2005-3620 CVE-2006-2481
- -------------------------------------------------------------------

1. Summary:

Several security issues affecting ESX 2.5.x

VMware has rated this as a Priority 1 security issue according to
Vmware's Security Response Policy. See
http://www.vmware.com/vmtn/technology/security/security_response.html

2. Relevant releases:

VMware ESX 2.5.3 prior to upgrade patch 2
VMware ESX 2.1.3 prior to upgrade patch 1
VMware ESX 2.0.2 prior to upgrade patch 1

3. Problem description:

The three vulnerabilities have been assigned names by the Common
Vulnerabilities and Exposures (CVE) project, as follows:

CVE-2005-3618: An unauthorized user could potentially construct a
specially crafted URL that may change a known user's password.

CVE-2005-3620: A local user could view potentially sensitive
information.

CVE-2006-2481: If an attacker can gain access to browser cookies
by any mechanism, such as through a cross site scripting attack,
then they could acquire not only the session ID, but the
authentication credentials. NOTE: This issue was fixed in ESX 2.5.3,
ESX 2.5.2 Patch 4, ESX 2.0.2 and later.

4. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

Installing the Update

This update requires you to boot your server into Linux mode to perform
the upgrade. When you are prompted to reboot at the end of the upgrade,
the installer will restart your system to run ESX Server.

1. Power off all virtual machines and shutdown your server.
2. Restart your system.
3. At the LILO Boot Menu, select the linux option. Allow the system
start procedure to complete.
4. Log in as root into the ESX Server service console, in Linux mode.
Make sure your path variable contains /usr/bin:/bin.
5. Download the tar file into a temporary directory under /root on
your ESX service console.
6. Change directories to that temporary directory.
7. Verify the integrity of the package for your version:
# md5sum esx-*-upgrade.tar.gz

The md5 checksum output should match one of the following:
50c3260176c8cc33ad3bc880a20a4656 esx-2.5.3-28065-upgrade.tar.gz
ddb67afe2a48a04fb764af2497d6b75c esx-2.5.3-27728-upgrade.tar.gz
ce112a1d17893fbe5b47dfb011468269 esx-2.1.3-27733-upgrade.tar.gz
7f9b2367bbc54f29586ade0e1e286837 esx-2.0.2-27920-upgrade.tar.gz

8. Extract the compressed tar archive:
# tar -xvzf esx-2.5.3-28065-upgrade.tar.gz
9. Change directories to the newly created directory
# cd esx-2.5.3-28065-upgrade
10. Run the patch installer:
# /usr/bin/perl ./upgrade.pl

Note: Once you start the installation script, do not enter keyboard
escape commands such as Control-C or Control-D. Using escape
commands will interrupt the upgrade procedure and leave your
system partially upgraded.

11. The system updates have now been installed. A reboot prompt displays:
Reboot the server now [y/n]?

This update will not be complete until you reboot the ESX Server. If
you enter N, to indicate that you will not reboot at this time, ESX
Server displays the warning message:

"Please reboot the server manually for this update to take effect.
Update has been terminated unexpectedly."

If you see this message, you must manually reboot the server to complete
the driver update.

12. At the reboot prompt, enter Y to reboot the server.

7. References:

http://www.corsaire.com/
http://www.corsaire.com/advisories/c060512-001.txt
http://www.corsaire.com/advisories/c051114-002.txt
http://www.corsaire.com/advisories/c051114-002.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3618
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2481
http://www.vmware.com/products/esx/
http://www.vmware.com/download/esx/

8. Acknowledgments

VMware would like to thank Stephen de Vries and Martin O'Neal of the
security consultancy Corsaire Limited, <http://www.corsaire.com/>.

9. Contact:

http://www.vmware.com/security

Copyright 2006 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFEzrZbLsZLrftG15MRAmhEAKDdG3ivyE1CbJ97Tj5vD1D2LWLJiQCgotYh
9qAHbV4xEJHN0Y0GeIFzR8M=
=lRxp
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close