exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

VMware Security Advisory 2009-0001

VMware Security Advisory 2009-0001
Posted Feb 1, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - Updated ESX patches address an issue loading corrupt virtual disks and update Service Console packages for net-snmp and libxml2.

tags | advisory
advisories | CVE-2008-4914, CVE-2008-4309, CVE-2008-4226, CVE-2008-4225
SHA-256 | 0e7b91107741d71e6675c0f2c159e51f653f073c37b9efdcb9785268746062c4

VMware Security Advisory 2009-0001

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2009-0001
Synopsis: ESX patches address an issue loading corrupt virtual
disks and update Service Console packages
Issue date: 2009-01-30
Updated on: 2009-01-30 (initial release of advisory)
CVE numbers: CVE-2008-4914 CVE-2008-4309 CVE-2008-4226
CVE-2008-4225
- ------------------------------------------------------------------------

1. Summary

Updated ESX patches address an issue loading corrupt
virtual disks and update Service Console packages
for net-snmp and libxml2.

2. Relevant releases

VMware ESXi 3.5 without patch ESXe350-200901401-I-SG

VMware ESX 3.5 without patches ESX350-200901401-SG,
ESX350-200901409-SG,
ESX350-200901410-SG

VMware ESX 3.0.3 without patches ESX303-200901405-SG,
ESX303-200901406-SG

VMware ESX 3.0.2 without patches ESX-1007673, ESX-1007674

NOTE: Extended support for ESX 3.5 Update 1 ends on 7/25/2009, users
should plan to upgrade to at least ESX 3.5 Update 2 by that
time.

Extended support for ESX 3.0.2 Update 1 ends on 2009-08-08.
Users should plan to upgrade to ESX 3.0.3 and preferably to
the newest release available.

3. Problem Description

a. Loading a corrupt delta disk may cause ESX to crash

If the VMDK delta disk of a snapshot is corrupt, an ESX host might
crash when the corrupted disk is loaded. VMDK delta files exist
for virtual machines with one or more snapshots. This change ensures
that a corrupt VMDK delta file cannot be used to crash ESX hosts.

A corrupt VMDK delta disk, or virtual machine would have to be loaded
by an administrator.

VMware would like to thank Craig Marshall for reporting this issue.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2008-4914 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected

hosted * any any not affected

ESXi 3.5 ESXi ESXe350-200901401-I-SG

ESX 3.5 ESX ESX350-200901401-SG
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected

* hosted products are VMware Workstation, Player, ACE, Server, Fusion.

b. Updated Service Console package net-snmp

Net-SNMP is an implementation of the Simple Network Management
Protocol (SNMP). SNMP is used by network management systems to
monitor hosts.

A denial-of-service flaw was found in the way Net-SNMP processes
SNMP GETBULK requests. A remote attacker who issued a specially-
crafted request could cause the snmpd server to crash.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2008-4309 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected

hosted * any any not affected

ESXi 3.5 ESXi not affected

ESX 3.5 ESX ESX350-200901409-SG
ESX 3.0.3 ESX ESX303-200901405-SG
ESX 3.0.2 ESX ESX-1007673
ESX 2.5.5 ESX not affected

* hosted products are VMware Workstation, Player, ACE, Server, Fusion.

c. Updated Service Console package libxml2

An integer overflow flaw causing a heap-based buffer overflow was
found in the libxml2 XML parser. If an application linked against
libxml2 processed untrusted, malformed XML content, it could cause
the application to crash or, possibly, execute arbitrary code.

The Common Vulnerabilities and Exposures Project (cve.mitre.org) has
assigned the name CVE-2008-4226 to this issue.

A denial of service flaw was discovered in the libxml2 XML parser.
If an application linked against libxml2 processed untrusted,
malformed XML content, it could cause the application to enter
an infinite loop.

The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2008-4225 to this issue.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected

hosted * any any not affected

ESXi 3.5 ESXi not affected

ESX 3.5 ESX ESX350-200901410-SG
ESX 3.0.3 ESX ESX303-200901406-SG
ESX 3.0.2 ESX ESX-1007674
ESX 2.5.5 ESX affected, patch pending

* hosted products are VMware Workstation, Player, ACE, Server, Fusion.

4. Solution

Please review the patch/release notes for your product and version
and verify the md5sum of your downloaded file.

ESXi
----
ESXi 3.5 patch ESXe350-200901401-I-SG
http://download3.vmware.com/software/vi/ESXe350-200901401-O-SG.zip
md5sum: 588dc7bfdee4e4c5ac626906c37fc784
http://kb.vmware.com/kb/1006661

NOTE: The three ESXi patches for Firmware "I", VMware Tools "T," and
the VI Client "C" are contained in a single offline "O"
download file.

ESX
---
ESX 3.5 patch ESX350-200901401-SG (VMDK)
http://download3.vmware.com/software/vi/ESX350-200901401-SG.zip
md5sum: 2769ac30078656b01ca1e2fdfa3230e9
http://kb.vmware.com/kb/1006651

ESX 3.5 patch ESX350-200901409-SG (net-snmp)
http://download3.vmware.com/software/vi/ESX350-200901409-SG.zip
md5sum: 2c75cd848d9f3c51619b9a7bd60d20a3
http://kb.vmware.com/kb/1006659

ESX 3.5 patch ESX350-200901410-SG (libxml2)
http://download3.vmware.com/software/vi/ESX350-200901410-SG.zip
md5sum: 061f96373244e7eab3f0d5fe2415ce91
http://kb.vmware.com/kb/1006660

ESX 3.0.3 patch ESX303-200901405-SG (net-snmp)
http://download3.vmware.com/software/vi/ESX303-200901405-SG.zip
md5sum: 9983b63a1e2dc7fb3d80f0021c1c347c
http://kb.vmware.com/kb/1007681

ESX 3.0.3 patch ESX303-200901406-SG (libxml2)
http://download3.vmware.com/software/vi/ESX303-200901406-SG.zip
md5sum: 2d5a827ccaf406a54dd3a5affee39db0
http://kb.vmware.com/kb/1007682

ESX 3.0.2 patch ESX-1007673 (net-snmp)
http://download3.vmware.com/software/vi/ESX-1007673.tgz
md5sum: af4a36d2b4d731177210c789df844974
http://kb.vmware.com/kb/1007673

ESX 3.0.2 patch ESX-1007674 (libxml2)
http://download3.vmware.com/software/vi/ESX-1007674.tgz
md5sum: fb4b5e9a03dea5b9e24cc0766ddd2581
http://kb.vmware.com/kb/1007674

5. References

CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225

- ------------------------------------------------------------------------
6. Change log

2009-01-30 VMSA-2009-0001
Initial security advisory after release of patches for ESXi, ESX 3.5,
ESX 3.0.3, ESX 3.0.2 on 2009-01-30.

- -----------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center
http://www.vmware.com/security

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2009 VMware Inc. All rights reserved.


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFJhAYnS2KysvBH1xkRAiqwAJ47A5mvajtIwB6kZCcNcvUGoraANACbBTsD
cgkdo5JKkJLgol+Y2VXW1co=
=PvKt
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close