Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

VMware ESX 3.5 Patch ESX350-201203405-SG: Updates dhclient (2009159)

Details

Release date: March 9, 2012

Download Size
223 KB

Download Filename
ESX350-201203405-SG.zip
 
md5sum
5103d34dbf40a350cfdce5f1f495ac98
 
sha1sum
df4e201dbc542d77b8b85a62551817aa0dee821a
 
Product
ESX 3.5
Build Information
604481
Patch Classification
Security
Supersedes
ESX350-200910406-SG
Requires
ESX350-201012404-BG
ESX350-201012410-BG
Virtual Machine Migration or Reboot Required
No
Host Reboot Required
No
PRs Fixed
726531
Affected Hardware
N/A
Affected Software
N/A
RPMs Included
dhclient
Related CVE numbers
CVE-2011-0997

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Solution

Summaries and Symptoms

This patch updates the dhclient RPM for the ESX service console to dhclient-3.0.1-10.3_EL3. This update resolves a security issue involving improper sanitization of a few options in DHCP server replies that could allow a remote attacker to run arbitrary code with context dependent privileges.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0997 to these issues.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table, above.

Patch Download and Installation

For information about how to use Update Manager to download and install patches to automatically update ESX 3.5 hosts, see the vCenter Update Manager Administration Guide.
To update ESX 3.5 hosts without using Update Manager, download the most recent patch bundle from http://www.vmware.com/download/vi/vi3_patches_36.html and install the bundle using esxupdate from the command line of the host. See the ESX Server 3 Patch Management Guide.

Update History

April 17, 2012: Link to vCenter Update Manager Administration Guide rectified.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 0 Ratings
Actions
KB: