ESX Server 3.0.2, Patch ESX-1008409: Updated Service Console Package OpenSSL 0.9.7a-33.25 (1008409)
OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVP_VerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
This patch fixes this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-5077 to this issue.
Download and verify the patch bundle as follows:
- Download patch ESX-1008409 from http://www.vmware.com/download/vi/vi3_patches.html .
- Log in to the ESX Server service console as root.
- Create a local depot directory.
# mkdir -p /var/updates
Note: VMware recommends that you use the updates directory.
- Change your working directory to /var/updates.
# cd /var/updates
- Download the tar file into the /var/updates directory.
- Verify the integrity of the downloaded tar file:
# md5sum ESX-1008409.tgz
The md5 checksum output should match the following:
- Extract the compressed tar archive:
# tar -xvzf ESX-1008409.tgz
- Change to the newly created directory, /var/updates/ESX-1008409:
# cd ESX-1008409
After you download and extract the archive, and if you are in the directory that you previously created, use the following command to install the update:
# esxupdate update
To run esxupdate from a different directory, you must specify the bundle path in the command:
# esxupdate -r file://<directory>/ESX-1008409 update
For example, if the host is called depot:
# esxupdate -r file:///depot/var/updates/ESX-1008409 update
During the update process, logs appear on the terminal. You can specify the verbosity of esxupdate logs by using the -v option as shown, below.
# esxupdate -v 10 file://<directory>/ESX-1008409 update
For more information on how to use esxupdate, see the Patch Management for ESX Server 3 tech note at http://www.vmware.com/pdf/esx3_esxupdate.pdf.