Advertisement
Promo

Security threats Toolkit

VMware patches hypervisor bugs

Tom Espiner ZDNet.co.uk

Published: 19 Sep 2008 16:54 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A patch is available for a buffer overflow vulnerability in VMware's flagship ESX 3.5 and ESXi 3.5 hypervisors.

The flaw and a patch were announced in VMware Security Advisory VMSA-2008-0015 on Thursday.

The vulnerability lies in the Openwsman system management platform, which implements VMware's web services management protocol. Buffer overflows could occur while Openwsman decodes HTTP basic authentication headers, the company said.

ZDNet.co.uk blogs

Come and talk to ZDNet

We're inviting people to join us in a breakfast briefing on virtualisation...

Find out more +

Patches are linked to on VMware's site in security advisory VMSA-2008-0015.

VMware also re-released two advisories with additional patches. VMSA-2008-0014 has added fixes for libpng and bind for ESX 3.5 servers, while VMSA-2008-0013 has added fixes for net-snmp and perl for ESX 3.5 servers, security training organisation Sans noted on its blog.

Last month, VMware customers had to contend with their virtual machines not turning on after a licensing mistake by VMware.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters