VMware
 

Knowledge Base

Search the Knowledge Base:
Products:
Search In:
 

ESX Server 3.0.2, Patch ESX-1001724; Security Updates

Details

Release Date: 9/21/07
Document Last Updated: 9/21/07
 
 
Download Now
Download Size:
4.8 MB
Download Filename:
ESX-1001724.tgz
md5sum:
2dd9a4538c811a5e8f6d582b6a9a19b5
Product Versions ESX Server 3.0.2
Patch Classification Security
Superceded By None
Virtual Machine Migration or Reboot Required Yes
ESX Server Host Reboot Required No
Affected Hardware N/A
Affected Software Third-party patch management or custom patch managements scripts might be affected.
RPMs Updated VMware-esx-vmx
Related CVE numbers CVE-2007-4496, CVE-2007-4497
 

Summary

This patch fixes the following security issues:

  • Fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4496.

    Thanks to Rafal Wojtczvk of McAfee for identifying and reporting this issue.

  • Fixes a denial of service vulnerability that could allow a guest operating system to cause a host process to become unresponsive or exit unexpectedly. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4497.

    Thanks to Rafal Wojtczvk of McAfee for identifying and reporting this issue.

Solution

Symptoms

There are no symptoms available for the security fixes.

Impact

This patch resolves the security issues described above.

Download Instructions

Download and verify the patch bundle as follows:

  1. Download patch ESX-1001724 by clicking on the link above.
  2. Log in to the ESX Server service console as root.
  3. Create a local depot directory.

    # mkdir -p /var/updates

    Note: VMware recommends that you use the updates directory.

  4. Change your working directory to /var/updates.

    # cd /var/updates

  5. Download the tar file into the /var/updates directory.
  6. Verify the integrity of the downloaded tar file:

    # md5sum ESX-1001724.tgz

    The md5 checksum output should match the following:

    2dd9a4538c811a5e8f6d582b6a9a19b5 ESX-1001724.tgz

  7. Extract the compressed tar archive:

    # tar -xvzf ESX-1001724.tgz

  8. Change to the newly created directory, /var/updates/ESX-1001724:

    # cd ESX-1001724

Installation Instructions

Note: All virtual machines on the host must be either shut down or migrated using VMotion before applying the patch.
 
After you have downloaded and extracted the archive, and if you are in the directory you created above, install the update using the following command:

# esxupdate update

To run esxupdate from a different directory, you must specify the bundle path in the command:

# esxupdate -r file://<directory>/ESX-1001724 update

For example, if the host is called depot:

# esxupdate -r file:///depot/var/updates/ESX-1001724 update

During the update process, logs appear on the terminal. You can specify the verbosity of esxupdate logs by using the -v option as shown below.

# esxupdate -v 10 file://<directory>/ESX-1001724 update

For more information on using esxupdate, refer to the Patch Management for ESX Server 3 tech note at http://www.vmware.com/pdf/esx3_esxupdate.pdf.

Keywords

esxpatch;esx302;alertz;urlz

Feedback

Rate this article:
(1 Ratings)

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
Email address (optional)
Submit
Rate this article:
(1 Ratings)
Actions
  • KB Article: 1001724
  • Updated: Aug 14, 2009
  • Products:
    VMware ESX
  • Product Versions:
    VMware ESX 3.0.x