Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

VMWare Security Advisory

Published: 2010-11-30
Last Updated: 2010-11-30 13:24:19 UTC
by Joel Esler (Version: 1)
0 comment(s)

Today VMWare released a Security Advisory at this URL:

http://lists.vmware.com/pipermail/security-announce/2010/000111.html

It's an update for VMware ESX 4.1 without patch ESX410-201011001.

Here's the problem description right off of their website:

 a. Service Console OS update for COS kernel package.

    This patch updates the Service Console kernel to fix a stack
    pointer underflow issue in the 32-bit compatibility layer.

    Exploitation of this issue could allow a local user to gain
    additional privileges.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2010-3081 to this issue.

So if you are running this software in your enterprise, you'll want to take a look at this one.  Thanks to VMWare for this one.

-- Joel Esler | http://blog.joelesler.net | http://twitter.com/joelesler

Keywords: update
0 comment(s)
Diary Archives