VMware ESX 4.0, Patch ESX400-200912404-SG: Updates DHCP (1016294)
Summaries and Symptoms
This patch contains a fix for a security vulnerability in the ISC third-party DHCP client. This vulnerability allows for code execution in the client by a remote DHCP server through a specially crafted subnet-mask option.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue.
None beyond the required patch bundles and reboot information listed in the table above.
Patch Download and Installation
See the VMware vCenter Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX 4.0 hosts.
To update ESX 4.0 hosts when not using Update Manager, download the patch zip file from http://support.vmware.com/selfsupport/download/ and install the bulletin using esxupdate from the command line of the host. For more information, see the ESX 4 Patch Management Guide.