en

‫ VMware Multiple Products Multiple Vulnerabilities

IRCAD2012031789
ID: IRCAD2012031789
Release Date: 2012-03-16
Criticality level: Highly critical
Software:
VMware ESX Server 4.x
VMware ESXi 4.x
VMware ESXi 5.x
VMware vCenter Server 4.x
VMware vCenter Server 5.x
VMware vSphere Update Manager 5.x
Description:
VMware has acknowledged multiple vulnerabilities in multiple VMware products, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Note: This vulnerability doesn't affect VMware Update Manager.
Please see the vendor's advisory for a list of affected versions.
Solution
Apply patches if available (please see the vendor's advisory for details).
References:
Secunia:

The Wall

No comments
You need to sign in to comment