VMWare Security Advisory VMSA-2011-0001
VMWare today released Security Advisory VMSA-2011-0001 [1] as well as updated two of last years security advisories [2],[3]
The update patches glibc, sudo and openldap that are used as part of VMWare ESX. The vulnerabilities could be used to escalate privileges if a user has access to the VMWare console or launch a denial of service attack.
| Component | CVE Number | CVSS Base Score | Access |
|---|---|---|---|
| glibc | CVE-2010-3847 (not yet released) | - | - |
| CVE-2010-3856 (not yet released) | - | - | |
| sudo | CVE-2010-2956 | 6.2 Medium | local |
| openldap | CVE-2010-0211 | 5.0 Medium | network |
| CVE-2010-0212 | 5.0 Medium | network |
[1] http://www.vmware.com/security/advisories/VMSA-2011-0001.html
[2] http://www.vmware.com/security/advisories/VMSA-2010-0017.html
[3] http://www.vmware.com/security/advisories/VMSA-2010-0016.html
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Keywords: vmware
0 comment(s)
My next class:
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
![modal content]()
Diary Archives
Comments