U radu programskog paketa VMware ESX otkriveno je više sigurnosnih propusta. Riječ je o paketu namijenjenom virtualizaciji različitih operacijskih sustava na jednom poslužitelju. Propusti su posljedica ranjivosti u paketima Glibc, OpenLDAP i naredbi SUDO. Udaljeni, zlonamjerni korisnik ih može zlouporabiti za izvođenje DoS napada, pokretanje proizvoljnog programskog koda, povećanje ovlasti i otkrivanje osjetljivih podataka. Za detalje propusta preporuča se čitanje izvorne preporuke. Dostupna je nadogradnja za inačicu 4.0 pa se korisnicima savjetuje njezina primjena. Za inačicu 4.1. nadogradnja će biti izdana naknadno.
VMSA-2011-0001
VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2011-0001
Synopsis: VMware ESX third party updates for Service Console
packages glibc, sudo, and openldap
Issue date: 2011-01-04
Updated on: 2011-01-04 (initial release of advisory)
CVE numbers: CVE-2010-3847 CVE-2010-385 CVE-2010-2956
CVE-2010-0211 CVE-2010-0212
------------------------------------------------------------------------
1. Summary
ESX 4.0 Service Console OS (COS) updates for glibc, sudo, and
openldap packages.
2. Relevant releases
VMware ESX 4.0 without patches ESX400-201101405-SG,
ESX400-201101404-SG, ESX400-201101402-SG
3. Problem Description
a. Service Console update for glibc
The service console packages glibc, glibc-common, and nscd are each
updated to version 2.5-34.4908.vmw.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues
addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.1 ESX affected, patch pending
ESX 4.0 ESX ESX400-201101405-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
* Hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. Service Console update for sudo
The service console package sudo is updated to version
1.7.2p1-8.el5_5.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-2956 to the issue addressed in this
update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX affected, patch pending
ESX 4.0 ESX ESX400-201101404-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
c. Service Console update for openldap
The service console package openldap is updated to version
2.3.43-12.el5_5.1.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0211 and CVE-2010-0212 to the issues
addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX affected, patch pending
ESX 4.0 ESX ESX400-201101402-SG
ESX 3.5 ESX not applicable
ESX 3.0.3 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
4. Solution
Please review the patch/release notes for your product and version
and verify the checksum of your downloaded file.
ESX 4.0
-------
ESX400-201101001
Download link:
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-257-20101231-664659/ESX400-201101001.zip
md5sum: f1d522b380692e0845eb0dda480ab890
sha1sum: 906989af3ddacc41321d685c4afe0d740856f9d5
http://kb.vmware.com/kb/1029426
ESX400-201101001 contains the following security bulletins:
ESX400-201101401-SG (COS kernel) | http://kb.vmware.com/kb/1029424
ESX400-201101405-SG (glibc) | http://kb.vmware.com/kb/1029881
ESX400-201101404-SG (sudo) | http://kb.vmware.com/kb/1029421
ESX400-201101402-SG (openldap) | http://kb.vmware.com/kb/1029423
ESX400-201101401-SG is documented in VMSA-2010-0017.1.
To install an individual bulletin use esxupdate with the -b option.
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212
------------------------------------------------------------------------
6. Change log
2011-01-04 VMSA-2011-0001
Initial security advisory in conjunction with the release of patches
for ESX 4.0 on 2011-01-04
-----------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware Security Advisories
http://www.vmware.com/security/advisories
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2011 VMware Inc. All rights reserved.
Posljednje sigurnosne preporuke