Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15011
HistoryNov 14, 2006 - 12:00 a.m.

VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1

2006-11-1400:00:00
vulners.com
28
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

               VMware Security Advisory

Advisory ID: VMSA-2006-0005
Synopsis: VMware ESX Server 2.5.4 Upgrade Patch 1
Patch URL: http://www.vmware.com/download/esx/esx-254-200610-patch.html
Issue date: 2006-10-31
Updated on: 2006-11-13
CVE Names: CVE-2005-2177 CVE-2006-3467 CVE-2006-1056
CVE-2006-1342 CVE-2006-1343 CVE-2006-1864
CVE-2006-2071

  1. Summary:

Updated package addresses several security issues.

  1. Relevant releases:

VMware ESX 2.5.4 prior to upgrade patch 1

  1. Problem description:

This patch addresses the following security issues:

ucd-snmp – A denial of service bug was found in the way ucd-snmp uses
network stream protocols. A remote attacker could send a ucd-snmp agent
a specially crafted packet which will cause the agent to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CAN-2005-2177 to this issue.

XFree86 – An integer overflow flaw in the way the XFree86 server
processes PCF font files was discovered. A malicious authorized client
could exploit this issue to cause a denial of service (crash) or
potentially execute arbitrary code with root privileges on the XFree86
server. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2006-3467 to this issue.

An AMD fxsave/restore security vulnerability. The instructions fxsave
and fxrstor on AMD CPUs are used to save or restore the FPU registers
(FOP, FIP and FDP). On AMD Opteron processors, these instructions do not
save/restore some exception related registers unless an exception is
currently being serviced. This could allow a local attacker to partially
monitor the execution path of FPU processes, possibly allowing them to
obtain sensitive information being passed through those processes. The
Common Vulnerabilities and Exposures project (cve.mitre.org) assigned
the name CVE-2006-1056 to this issue.

A minor info leak in socket name handling in the network code
(CVE-2006-1342).
A minor info leak in socket option handling in the network code
(CVE-2006-1343).
A directory traversal vulnerability in smbfs that allowed a local user
to escape chroot restrictions for an SMB-mounted filesystem via "…\\"
sequences (CVE-2006-1864).
A flaw in the mprotect system call that allowed to give write permission
to a readonly attachment of shared memory (CVE-2006-2071).

The non-security-related fixes are documented on the patch download page.

  1. Solution:

Upgrade to the latest update package for your release of ESX.
http://www.vmware.com/download/esx/

http://www.vmware.com/download/esx/esx-254-200610-patch.html

The md5 checksum output should match the following:
6bc66a5cdbfea08f762f375f2488998b esx-2.5.4-32461-upgrade.tar.gz

  1. References:
    http://www.vmware.com/download/esx/esx-254-200610-patch.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
    http://www.vmware.com/products/esx/
    http://www.vmware.com/download/esx/

  2. Contact:

http://www.vmware.com/security

VMware Security Response Policy
http://www.vmware.com/vmtn/technology/security/security_response.html

E-mail: [email protected]

Copyright 2006 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWP4q6KjQhy2pPmkRCJLcAKC8hclWfRdKXjT8RfYEsLykp1lcOQCfZvve
Wm8ulAa7VayW5kYj/a75mcg=
=rbyq
-----END PGP SIGNATURE-----

Related

securityvulns 9
redhat 13
centos 14
nessus 78
vmware 1
debian 8
gentoo 1
ubuntu 6
openvas 17
cve 13
ubuntucve 10
debiancve 4
prion 9
suse 3
freebsd 3
freebsd_advisory 2
xen 1
oraclelinux 3
osv 4
securityvulns
securityvulns
VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
2006-11-14 00:00:00
VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
2006-11-14 00:00:00
VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
2006-11-14 00:00:00
redhat
redhat
(RHSA-2006:0579) kernel security update
2006-07-13 00:00:00
(RHSA-2006:0580) kernel security update
2006-07-13 00:00:00
(RHSA-2006:0634) xorg-x11 security update
2006-08-21 00:00:00
centos
centos
kernel security update
2006-07-17 05:19:27
xorg security update
2006-08-24 00:39:55
XFree86 security update
2006-08-22 12:09:22
nessus
nessus
RHEL 2.1 : kernel (RHSA-2006:0579)
2006-07-17 00:00:00
RHEL 4 : xorg-x11 (RHSA-2006:0634)
2006-08-23 00:00:00
RHEL 2.1 / 3 : XFree86 (RHSA-2006:0635)
2006-08-23 00:00:00
vmware
vmware
Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.
2007-07-05 00:00:00
debian
debian
[SECURITY] [DSA 1178-1] New freetype packages fix execution of arbitrary code
2006-09-16 17:50:59
[SECURITY] [DSA 873-1] New net-snmp packages fix denial of service
2005-10-26 18:11:20
[SECURITY] [DSA 873-1] New net-snmp packages fix denial of service
2005-10-26 18:11:20
gentoo
gentoo
LibXfont: Multiple integer overflows
2006-09-06 00:00:00
ubuntu
ubuntu
libxfont vulnerability
2006-09-07 00:00:00
ucs-snmp vulnerability
2005-11-21 00:00:00
SNMP vulnerability
2005-09-30 00:00:00
openvas
openvas
SLES9: Security update for freetype2
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200609-04 (LibXfont)
2008-09-24 00:00:00
SLES9: Security update for net-snmp
2009-10-10 00:00:00
cve
cve
CVE-2006-1342
2006-03-21 18:02:00
CVE-2006-1343
2006-03-21 18:02:00
CVE-2006-1056
2006-04-20 10:02:00
ubuntucve
ubuntucve
CVE-2006-1343
2006-03-21 00:00:00
CVE-2006-1056
2006-04-20 00:00:00
CVE-2005-2177
2005-07-11 00:00:00
debiancve
debiancve
CVE-2005-2177
2005-07-11 04:00:00
CVE-2006-3467
2006-07-21 14:03:00
CVE-2005-4837
2005-12-31 05:00:00
prion
prion
Information disclosure
2006-03-21 18:02:00
Design/Logic Flaw
2006-03-21 18:02:00
Design/Logic Flaw
2006-04-20 10:02:00
suse
suse
possible code execution in freetype2
2006-08-01 16:43:51
remote denial of service in kernel
2006-05-31 15:47:21
Security update for Xen (important)
2014-03-25 23:04:15
freebsd
freebsd
FreeBSD -- FPU information disclosure
2006-04-19 00:00:00
net-snmp -- remote DoS vulnerability
2005-07-02 00:00:00
freetype -- LWFN Files Buffer Overflow Vulnerability
2006-07-10 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-06:14.fpu
2006-04-19 00:00:00
FreeBSD-SA-06:16.smbfs
2006-05-31 00:00:00
xen
xen
Information leak on XSAVE/XRSTOR capable AMD CPUs
2013-06-03 12:00:00
oraclelinux
oraclelinux
Important: XFree86 security update
2007-03-22 00:00:00
Important kernel security update
2006-11-30 00:00:00
Important kernel security update
2006-11-30 00:00:00
osv
osv
kernel-source-2.4.27 - several vulnerabilities
2006-06-14 00:00:00
xfree86
2006-10-09 00:00:00
kernel-source-2.6.8 - several vulnerabilities
2006-06-27 00:00:00
JSON
Related for SECURITYVULNS:DOC:15011
securityvulns9redhat13centos14nessus78vmware1debian8gentoo1ubuntu6openvas17cve13ubuntucve10debiancve4prion9suse3freebsd3freebsd_advisory2xen1oraclelinux3osv4