---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: VMware ESX Server and VirtualCenter Multiple Security Updates SECUNIA ADVISORY ID: SA28365 VERIFY ADVISORY: http://secunia.com/advisories/28365/ CRITICAL: Highly critical IMPACT: Security Bypass, DoS, System access WHERE: >From remote OPERATING SYSTEM: VMware ESX Server 3.x http://secunia.com/product/10757/ SOFTWARE: VMware VirtualCenter 2.x http://secunia.com/product/10762/ DESCRIPTION: VMware has issued updates for VMware ESX Server and VirtualCenter. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service) or compromise a vulnerable system. For more information: SA24732 SA25295 SOLUTION: Apply patches. VirtualCenter CD image: md5sum d7d98a5d7f8afff32cee848f860d3ba7 VirtualCenter as Zip: md5sum 3b42ec350121659e10352ca2d76e212b ESX Server 3.0.2: http://kb.vmware.com/kb/1002434 md5sum: 2f52251f6ace3d50934344ef313539d5 ESX Server 3.0.1: http://kb.vmware.com/kb/1003176 md5sum: 5674ca0dcfac90726014cc316444996e ORIGINAL ADVISORY: VMware: http://lists.vmware.com/pipermail/security-announce/2008/000003.html OTHER REFERENCES: SA24732: http://secunia.com/advisories/24732/ SA25295: http://secunia.com/advisories/25295/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------