Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: VMWare Security Advisory VMSA-2011-0001 - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMWare Security Advisory VMSA-2011-0001

VMWare today released Security Advisory VMSA-2011-0001 [1] as well as updated two of last years security advisories [2],[3]

The update patches glibc, sudo and openldap that are used as part of VMWare ESX. The vulnerabilities could be used to escalate privileges if a user has access to the VMWare console or launch a denial of service attack.

Component CVE Number CVSS Base Score Access
glibc CVE-2010-3847 (not yet released)   - -
  CVE-2010-3856 (not yet released)   - -
sudo CVE-2010-2956  6.2 Medium local
openldap CVE-2010-0211  5.0 Medium network
  CVE-2010-0212 5.0 Medium network




Johannes B. Ullrich, Ph.D.
SANS Technology Institute

I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANSFIRE 2022


4504 Posts
ISC Handler
Jan 5th 2011

Sign Up for Free or Log In to start participating in the conversation!