Syswoody

Blog de Sistemas Informáticos

Vmware

CVE-2010-3081 Fallo de Seguridad en Vmware 4.1 ESX

Poradmin

Dic 6, 2010 
Fallo en el Kernel de ESX de Vmware permite elevacion de privilegios.

1. Summary

   ESX Service Console OS (COS) kernel update.

2. Relevant releases

   VMware ESX 4.1 without patch ESX410-201011001

3. Problem Description

 a. Service Console OS update for COS kernel package.

    This patch updates the Service Console kernel to fix a stack
    pointer underflow issue in the 32-bit compatibility layer.

    Exploitation of this issue could allow a local user to gain
    additional privileges.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2010-3081 to this issue.

    Column 4 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected

    hosted *       any       any      not affected

    ESXi           any       ESXi     not affected

    ESX            4.1       ESX      ESX410-201011402-SG
    ESX            4.0       ESX      patch pending
    ESX            3.x       ESX      not applicable

  * hosted products are VMware Workstation, Player, ACE, Fusion.

4. Solution

   Please review the patch/release notes for your product and version
   and verify the md5sum of your downloaded file.

   ESX 4.1
   -------
   ESX410-201011001
   Download link:
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-253-20101122-763
417/ESX410-201011001.zip
   md5sum: e73fd3302529c1d85d9cc47457dfb963
   sha1sum: c0e0eac907c04105791ac44e288e7d8076dc14e0
   http://kb.vmware.com/kb/1029400

   ESX410-201011001 contains the following security bulletins:
   ESX410-201011402-SG (COS kernel) | http://kb.vmware.com/kb/1029397

   ESX410-201011001 also contains the following non-security bulletins
   ESX410-201011401-BG

   To install an individual bulletin use esxupdate with the -b option.

5. References

   CVE numbers
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081

- ------------------------------------------------------------------------

6. Change log

2010-11-29  VMSA-2010-0017
Initial security advisory after release of patches for ESX 4.1
on 2010-11-29

Via:http://lists.vmware.com/pipermail/security-announce/2010/000111.html

Noticias de informática:

  1. Disk Mount Vmware desde consola
  2. Redimensionar Discos VMDK
  3. Vmware 7.1 disponible
  4. Vmware Converter portable 3.0.1

Por admin

Entrada relacionada

Vmware

Roban el código de Vmware ESX

Abr 26, 2012 admin
Vmware

VMware Converter Runtime Error

Feb 4, 2012 admin
Vmware

Fallo de seguridad en Vmware con el tratamiento UDF

Oct 9, 2011 admin

Deja una respuesta

You missed

promociones

Comparativa de Moviles Xiaomi

24/04/2024 admin
promociones

Champu Anticaidas

07/04/2024 admin
promociones

Limpiadores Faciales

04/12/2023 admin
Apache Noticias Sistemas

Instalar PHP 7.2 Debian 11 con Plesk

01/10/2023 admin
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Powered By
Best Wordpress Adblock Detecting Plugin | CHP Adblock