VMware has updated several third party libraries in ESX and ESXi to address multiple security vulnerabilities.
Apply the missing patch(es).
a. ESX userworld update for OpenSSL library The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues. b. Service Console (COS) update for OpenSSL library The Service Console updates for OpenSSL library is updated to version openssl-0.9.8e-26.el5_9.1 to resolve multiple security issues. c. ESX Userworld and Service Console (COS) update for libxml2 library The ESX Userworld and Service Console libxml2 library is updated to version libxml2-2.6.26-2.1.21.el5_9.1 and libxml2-python-2.6.26-2.1.21.el5_9.1. to resolve a security issue. d. Service Console (COS) update for GnuTLS library The ESX service console GnuTLS RPM is updated to version gnutls-1.4.1-10.el5_9.1 to resolve a security issue. e. ESX third party update for Service Console kernel The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-348.3.1.el5 which addresses several security issues in the COS kernel.
VMware ESXi 4.1 without patch ESXi410-201307001. VMware ESX 4.1 without patch ESX410-201307001 VMware ESXi 5.0 without Update 3 VMware ESXi 4.0 without patch ESXi400-201310001 VMware ESX 4.0 without patch ESX400-201310001
Check for missing patches.
Updated on 2015-03-25
CVE CVE-2013-0166, CVE-2013-0169, CVE-2013-0268, CVE-2013-0338, CVE-2013-0871, CVE-2013-2116
CVSS Base Score: 6.9
- VMSA-2014-0002 VMware vSphere updates to third party libraries
- VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities
- VMSA-2013-0009 VMware ESX and ESXi updates to third party libraries
- VMSA-2012-0018: VMware security updates for vCSA and ESXi
- VMSA-2014-0001 VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues