VMware Security Advisory VMSA-2006-0001: VMware ESX Server Cross Site Scripting issue
726f9d276952b2f62ad214bd01f6b5a9ad22236f887256e9dee21bdc2411de2eVMware Security Advisory 2011-0004 - Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates for bind, pam, and rpm.
719826a83686579aa0ee4f4f4daf886e176fc92fd4d140eec35f2f8d630f07d1VMware Security Advisory 2011-0003 - Update 1 for vCenter Server 4.1, vCenter Update Manager 4.1, vSphere Hypervisor (ESXi) 4.1, ESXi 4.1, addresses several security issues.
a95e2afdac2f371dde546f60106ef87c8a8060a48b0bed878681c1eba5041ffeVMware Security Advisory 2011-0002 - Updated versions of the Cisco Nexus 1000V virtual switch address a denial of service in VMware ESX/ESXi.
f7fb2874766eafff4cbc31b572f60590002f62083f57c442c95b8355c3c13bdaVMware Security Advisory 2011-0001 - ESX 4.0 Service Console OS (COS) updates for glibc, sudo, and openldap packages.
c46f8a177cb54cdf53c56e8c0fc1617a7a611c96438fab66c017b274544829edVMware Security Advisory 2010-0020 - VMware ESXi 4.1 Update Installer might introduce a SFCB Authentication Flaw.
12c5720af03742907282a1f3c4a358ad3ac5c767910cade97759d078ac1e03cfVMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.
53508d995bd3ee7696e115312bf6f130857171310cf94855d6fe67fca9362f8aVMware Security Advisory 2010-0018 - VMware hosted products and ESX patches resolve multiple security issues.
0c2a1d7ce8cb7c11e6171577e84852c59a7e5a1763b387923bacb7c519d9f6b0VMware Security Advisory 2010-0017 - ESX Service Console OS (COS) kernel update. This patch updates the Service Console kernel to fix a stack pointer underflow issue in the 32-bit compatibility layer. Exploitation of this issue could allow a local user to gain additional privileges.
c383897ffa5b5838bac181865a4e4211051098bbfcbd3855b2b85a5ac456837fVMware Security Advisory 2010-0016 - This patch updates the service console kernel to fix multiple security issues. Updates to the likewisekrb5, likewiseopenldap, likewiseopen, and pamkrb5 packages address several security issues.
07d894e6a7a9e88a8d84a552ceb2b2d8a971a3c2b551994cd04d95e15402b1ccVMware Security Advisory 2010-0015 - ESX 4.0 Console OS (COS) updates for NSS_db, OpenLDAP, cURL, sudo OpenSSL, GnuTLS, NSS and NSPR packages.
fdad8c6c91e0eabfe81a21d19d5f5d5ed52fdc1c4de978eea683eae1e3131b79VMware Security Advisory - VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
c598de56110b9b1285f2b8e0d5afbeeb93abb4d32d2d9e62b9bdc9c16b71278bVMware Security Advisory - The service console package cpio is updated to version 2.5-6.RHEL3. The service console package tar is updated to version 1.13.25-16.RHEL3. The service console packages for samba are updated to version samba-3.0.9-1.3E.17vmw, samba-client-3.0.9-1.3E.17vmw and samba-common-3.0.9-1.3E.17vmw. The service console package krb5 is updated to version 1.2.7-72. The service console package perl is updated to version 5.8.0-101.EL3.
d9f282f0d9f5fec35a2bbedbc199700f42e61ad6e7d07ff47128d015784fd210VMware Security Advisory - The default version of the Jetty Web server in Update Manager is version 6.1.6 for which the following relevant vulnerabilities are reported. A directory traversal vulnerability in Jetty allows for obtaining files from the system where Update Manager is installed by a remote, unauthenticated attacker. The attacker would need to be on the same network as the system where Update Manager is installed. A cross-site scripting vulnerability in Jetty allows for running JavaScript in the browser of the user who clicks a URL containing a malicious request to Update Manager. For an attack to be successful the attacker would need to lure the user into clicking the malicious URL.
71229e8375725c682b9b8bc4687d11565e6aad277b5be549585f83274690850bVMware Security Advisory - VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.
0db53c597e93d42d1dc1c70847ad8b7ad162e5bfd7ee81e6fd69c060ab801465VMware Security Advisory - Multiple security vulnerabilities have been addressed in the ESX 3.5 third party update for Service Console kernel.
aa1a26637b1e580254f4bbb305140b8c04268ad3825842369f0d59c42358231aVMware Security Advisory - ESXi update for ntp and ESX Console OS (COS) updates for COS kernel, openssl, krb5, gcc, bind, gzip, sudo.
265894d60573fb64dd3a92d7f29fdc6bc046907fc9c12b1dd05acd79d2c91f20VMware Security Advisory - VMware View 3.1.3 addresses an important cross-site scripting vulnerability.
50ad4e9c926166df1d54d7221256e059c8c05c335380ebe8d8e1d0b293d57e06VMware Security Advisory - VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.
e16687d5cfca70a16709fd562f838d84c272a3a7b70eda5f2039b595265b5db8VMware Security Advisory - This ESX service console update addresses security issues regarding samba and acpid.
00441a9ab5817c9f0ed67e7dff7af17dd695c35fa919b9a5e9c0d08c8f836e96VMware Security Advisory - A cross-site scripting vulnerability in WebAccess allows for disclosure of sensitive information. The flaw is due to insufficient verification of certain parameters which may lead to redirection of a user's requests. This vulnerability can only be exploited if the attacker tricks the WebAccess user into clicking a malicious link and the attacker has control of a server on the same network as the system where WebAccess is being used.
85919e5b4cda7ee681c52ebaf6b744efd4562b046b0744f8b117c70cc911302fVMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued.
0ae5770077c762418cfd24f3ee041e3030eda4c4cf779c13c8b5a0c5d3c879caVMware Security Advisory - This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by- zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could cause the snmpd daemon to fail.
be9eec1e0afa2608f6e5a930b35d6a797d067f76d7824fe15b60c52609c39c15VMware Security Advisory - JRE update to version 1.5.0_22, which addresses multiple security issues that existed in earlier releases of JRE.
9fdca7e08dfc8d5434a4f2c697c71bb80affbf3145121242ba0ffd398e591d00VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.
750bfc5b2e28a67af487861fbcc96e099b1881a6cbe999078d4626cf32cfde37VMware Security Advisory - VMware vCenter and ESX update releases address cross-site scripting issues in the Help functionality of WebAccess. A vCenter Lab Manager release addresses the same issues which are present in the online Help functionality of Lab Manager and Stage Manager.
ad97ee3f858b24c20ef37b479f25daa1664aa5fbbf27474c52ab0f780f5a519b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed