Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

VMWare Security Advisory VMSA-2011-0001

Published: 2011-01-05
Last Updated: 2011-01-05 12:39:50 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

VMWare today released Security Advisory VMSA-2011-0001 [1] as well as updated two of last years security advisories [2],[3]

The update patches glibc, sudo and openldap that are used as part of VMWare ESX. The vulnerabilities could be used to escalate privileges if a user has access to the VMWare console or launch a denial of service attack.

Component CVE Number CVSS Base Score Access
glibc CVE-2010-3847 (not yet released)   - -
  CVE-2010-3856 (not yet released)   - -
sudo CVE-2010-2956  6.2 Medium local
openldap CVE-2010-0211  5.0 Medium network
  CVE-2010-0212 5.0 Medium network




Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: vmware
0 comment(s)
Diary Archives