U.S. Flag Official website of the Department of Homeland Security

VMware Releases Multiple Updates for ESX

Original release date: January 08, 2010 | Last revised: October 23, 2012

VMware has released Security Advisory VMSA-2010-0001 to address multiple vulnerabilities in ESX Service Console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR). Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, bypass security restrictions, and compromise a vulnerable system.

Additionally, VMware has updated two previously released advisories: VMSA-2009-0014.2 that addresses vulnerabilities in the DHCP, Service Console Kernel, and Java JRE packages for ESX, and VMSA-2009-0004.3 that addresses vulnerabilities in the OpenSSL, BIND, and Vim packages for ESX.

US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2010-0001, VMSA-2009-0014.2, and VMSA-2009-0004.3 and apply any necessary updates to help mitigate the risks.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top