VMWare Security Advisory VMSA-2011-0001
VMWare today released Security Advisory VMSA-2011-0001 [1] as well as updated two of last years security advisories [2],[3]
The update patches glibc, sudo and openldap that are used as part of VMWare ESX. The vulnerabilities could be used to escalate privileges if a user has access to the VMWare console or launch a denial of service attack.
Component | CVE Number | CVSS Base Score | Access |
---|---|---|---|
glibc | CVE-2010-3847 (not yet released) | - | - |
CVE-2010-3856 (not yet released) | - | - | |
sudo | CVE-2010-2956 | 6.2 Medium | local |
openldap | CVE-2010-0211 | 5.0 Medium | network |
CVE-2010-0212 | 5.0 Medium | network |
[1] http://www.vmware.com/security/advisories/VMSA-2011-0001.html
[2] http://www.vmware.com/security/advisories/VMSA-2010-0017.html
[3] http://www.vmware.com/security/advisories/VMSA-2010-0016.html
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Keywords: vmware
0 comment(s)
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments