[Security-announce] UPDATED VMSA-2012-0018.1 VMware security updates for vCSA, vCenter Server, and ESXi

VMware Security Announcements security-announce at lists.vmware.com
Thu Feb 21 21:20:14 PST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
                       VMware Security Advisory

Advisory ID:  VMSA-2012-0018.1
Synopsis:     VMware security updates for vCSA, vCenter Server, and ESXi
Issue date:   2012-12-20
Updated on:   2013-02-21
CVE numbers:  ------------- vCSA ---------------
              CVE-2012-6324, CVE-2012-6325
              ------------- glibc --------------
              CVE-2009-5029, CVE-2009-5064, CVE-2010-0830,
              CVE-2011-1089, CVE-2011-4609, CVE-2012-0864,
              CVE-2012-3404, CVE-2012-3405, CVE-2012-3406,
              CVE-2012-3480
              --------- vCenter Server ---------
              CVE-2012-6326 
- --------------------------------------------------------------------

1. Summary

   VMware has updated vCenter Server Appliance (vCSA), vCenter Server,
   and ESXi to address multiple security vulnerabilities.

2. Relevant releases

   - vCenter Server Appliance 5.1 prior to 5.1.0b
   - vCenter Server Appliance 5.0 prior to 5.0 Update 2

   - vCenter Server 5.0 without Update 2
   - vCenter Server 4.1 without Update 3

   - VMware ESXi 5.1 without patch ESXi510-201212101
   - VMware ESXi 5.0 without patch ESXi500-201212101

3. Problem Description

   a. vCenter Server Appliance directory traversal

      The vCenter Server Appliance (vCSA) contains a directory
      traversal vulnerability that allows an authenticated remote user
      to retrieve arbitrary files. Exploitation of this issue may
      expose sensitive information stored on the server.

      VMware would like to thank Alexander Minozhenko from ERPScan for
      reporting this issue to us.

      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the name CVE-2012-6324 to this issue.

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.

        VMware          Product   Running  Replace with/
        Product         Version   on       Apply Patch
        ==============  ========  =======  =================
        vCSA            5.1       Linux    5.1.0b
        vCSA            5.0       Linux    5.0 Update 2

   b. vCenter Server Appliance arbitrary file download

      The vCenter Server Appliance (vCSA) contains an XML parsing
      vulnerability that allows an authenticated remote user to
      retrieve arbitrary files.  Exploitation of this issue may expose
      sensitive information stored on the server.

      VMware would like to thank Alexander Minozhenko from ERPScan for
      reporting this issue to us.

      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the name CVE-2012-6325 to this issue.

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.

        VMware          Product   Running  Replace with/
        Product         Version   on       Apply Patch
        ==============  ========  =======  =================
        vCSA            5.1       Linux    not affected
        vCSA            5.0       Linux    5.0 Update 2

   c. Update to ESX glibc package

      The ESX glibc package is updated to version glibc-2.5-81.el5_8.1
      to resolve multiple security issues.

      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the names CVE-2009-5029, CVE-2009-5064,
      CVE-2010-0830, CVE-2011-1089, CVE-2011-4609, CVE-2012-0864,
      CVE-2012-3404, CVE-2012-3405, CVE-2012-3406 and CVE-2012-3480 to
      these issues.

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.

        VMware          Product   Running  Replace with/
        Product         Version   on       Apply Patch
        ==============  ========  =======  =================
        ESXi            5.1       ESXi     ESXi510-201212101
        ESXi            5.0       ESXi     ESXi500-201212101
        ESXi            4.1       ESXi     no patch planned
        ESXi            4.0       ESXi     no patch planned
        ESXi            3.5       ESXi     not applicable

        ESX             any       ESX      not applicable

   d. vCenter Server and vCSA webservice logging denial of service

      The vCenter Server and vCenter Server Appliance (vCSA) both
      contain a vulnerability that allows unauthenticated remote users
      to create abnormally large log entries.  Exploitation of this
      issue may allow an attacker to fill the system volume of the
      vCenter host or appliance VM and create a denial-of-service
      condition.

      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the name CVE-2012-6326 to this issue.

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.

        VMware          Product   Running  Replace with/
        Product         Version   on       Apply Patch
        ==============  ========  =======  =================
        vCenter Server  5.1       Windows  not affected
        vCenter Server  5.0       Windows  5.0 Update 2
        vCenter Server  4.1       Windows  4.1 Update 3
        vCenter Server  4.0       Windows  not affected
        VirtualCenter   2.5       Windows  not affected

        vCSA            5.1       Linux    not affected
        vCSA            5.0       Linux    5.0 Update 2
                         
        ESX/ESXi        any       any      not affected

4. Solution

   Please review the patch/release notes for your product and
   version and verify the checksum of your downloaded file.

   vCenter Server 5.1.0b
   ---------------------
   Download link:
   https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/5_1
   
   Release Notes:
   https://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-510b-release-notes.html

   vCenter Server 5.0 Update 2
   ---------------------------
   Download link:
   https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/5_0

   Release Notes:
   https://www.vmware.com/support/vsphere5/doc/vsp_vc50_u2_rel_notes.html

   vCenter Server 4.1 Update 3
   ---------------------------
   Download link:
   https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/4_1

   Release Notes:
   https://www.vmware.com/support/vsphere4/doc/vsp_vc41_u3_rel_notes.html

   ESXi and ESX
   ------------
   The download for ESXi includes vCenter Server Appliance.

   https://my.vmware.com/web/vmware/downloads

   ESXi 5.1
   --------
   File: ESXi510-201212001.zip
   md5sum: 81d562c00942973f13520afac4868748
   sha1sum: ec1ff6d3e3c9b127252ba1b710c74119f1164786
   http://kb.vmware.com/kb/2035775
   ESXi510-201212001 contains ESXi510-201212101

   ESXi 5.0
   --------
   File: update-from-esxi5.0-5.0_update02.zip
   md5sum: ab8f7f258932a39f7d3e7877787fd198
   sha1sum: b65bacab4e38cf144e223cff4770501b5bd23334
   http://kb.vmware.com/kb/2033751
   update-from-esxi5.0-5.0_update02.zip contains ESXi500-201212101

5. References

   ------------- vCSA ---------------
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6324
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6325
   ------------- glibc --------------
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5064
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0830
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1089
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4609
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0864
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3404
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3405
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480
   --------- vCenter Server ---------
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6326 
   
- --------------------------------------------------------------------

6. Change log

   2012-12-20 VMSA-2012-0018
   Initial security advisory in conjunction with the release of
   vSphere 5.1.0b and vSphere 5.0 Update 2 on 2012-12-20.

   2013-02-21 VMSA-2012-0018.1
   Updated security advisory to add section 3d, which documents
   CVE-2012-6326.

- --------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

   * security-announce at lists.vmware.com
   * bugtraq at securityfocus.com
   * full-disclosure at lists.grok.org.uk

   E-mail: security at vmware.com
   PGP key at: http://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware security response policy
   http://www.vmware.com/support/policies/security_response.html

   General support life cycle policy
   http://www.vmware.com/support/policies/eos.html

   VMware Infrastructure support life cycle policy
   http://www.vmware.com/support/policies/eos_vi.html

   Copyright 2013 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iEYEARECAAYFAlEm/wsACgkQDEcm8Vbi9kOCSQCg95u3qkMURQVpgeE0ip0tnnjk
nEcAoKSj2vfp0V9S1m8SBMVqfWve1yeu
=Wqee
-----END PGP SIGNATURE-----
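
Added example, not part of VMware's advisory: one way to carry out the checksum verification that section 4 asks for, by parsing the File/md5sum/sha1sum stanzas and comparing both digests against a downloaded file. The function names are this example's own, and the two stanzas in ADVISORY_EXCERPT are copied from section 4 above.

```python
import hashlib
import re

# Two stanzas copied from section 4 of the advisory above.
ADVISORY_EXCERPT = """
   File: ESXi510-201212001.zip
   md5sum: 81d562c00942973f13520afac4868748
   sha1sum: ec1ff6d3e3c9b127252ba1b710c74119f1164786

   File: update-from-esxi5.0-5.0_update02.zip
   md5sum: ab8f7f258932a39f7d3e7877787fd198
   sha1sum: b65bacab4e38cf144e223cff4770501b5bd23334
"""

# File / md5sum / sha1sum on consecutive lines, as laid out in section 4.
STANZA = re.compile(
    r"File:\s*(?P<name>\S+)\s+"
    r"md5sum:\s*(?P<md5>[0-9a-fA-F]{32})\s+"
    r"sha1sum:\s*(?P<sha1>[0-9a-fA-F]{40})\b"
)


def parse_checksums(advisory_text):
    """Map each published file name to its lower-cased md5 and sha1."""
    return {m["name"]: {"md5": m["md5"].lower(), "sha1": m["sha1"].lower()}
            for m in STANZA.finditer(advisory_text)}


def file_digests(path, chunk_size=1 << 20):
    """Stream the file once so large bundles are never held in memory."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha1.update(chunk)
    return {"md5": md5.hexdigest(), "sha1": sha1.hexdigest()}


def verify_download(path, published_name, advisory_text=ADVISORY_EXCERPT):
    """True only when both digests match; an unlisted name fails closed."""
    expected = parse_checksums(advisory_text).get(published_name)
    if expected is None:
        return False
    actual = file_digests(path)
    return all(actual[k] == expected[k] for k in ("md5", "sha1"))
```

The digests are only as trustworthy as the advisory text they come from, so check the advisory's PGP signature before relying on them.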


