|
VMware Releases Security Advisory VMSA-0008-0015
URL : http://www.us-cert.gov/current/index.html#vmware_releases_security_advisory_vmsa added September 19, 2008 at 09:51 am VMware has released Security Advisory (http://www.vmware.com/security/advisories/VMSA-2008-0015.html) indicating it has updated the ESXi and ESX 3.5 packages to address a vulnerability in "openwsman". This vulnerability is due to several buffer overflow conditions in the handling of HTTP basic authentication headers. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on the host running ESXi or ESX. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-0008-0015 (http://www.vmware.com/security/advisories/VMSA-2008-0015.html) and apply any necessary updates to help mitigate the risks. |
