The book "VMware Infrastructure 3 Advanced Technical Design Guide and Advanced Operations Guide" by Scott Herold, Ron Oglesby and Mike Laverick is available as a free PDF download.

Download your FREE copy at vmguru.com >> http://www.vmguru.com/index.php/component/content/article/83

Many thanks to the authors.

I purchased the book half a year ago and it's really great.



------------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID:       VMSA-2009-0009
Synopsis:          ESX Service Console updates for udev, sudo, and curl
Issue date:        2009-07-10
Updated on:        2009-07-10 (initial release of advisory)
CVE numbers:       CVE-2009-1185 CVE-2009-0034 CVE-2009-0037
------------------------------------------------------------------------

1. Summary

   Update for Service Console packages udev, sudo, and curl

2. Relevant releases

   VMware ESX 4.0.0 without bulletin ESX400-200906411-SG,
   ESX400-200906406-SG, ESX400-200906407-SG.

3. Problem Description

 a. Service Console package udev

    A vulnerability in the udev program did not verify whether a NETLINK
    message originates from kernel space, which allows local users to
    gain privileges by sending a NETLINK message from user space.

    The Common Vulnerabilities and Exposures Project (cve.mitre.org)
    has assigned the name CVE-2009-1185 to this issue.

    Please see http://kb.vmware.com/kb/1011786 for details.

    The following table lists what action remediates the vulnerability
    (column 4) if a solution is available.

    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected

    hosted *       any       any      not affected

    ESXi           any       ESXi     not affected

    ESX            4.0       ESX      ESX400-200906411-SG
    ESX            3.5       ESX      not affected
    ESX            3.0.3     ESX      not affected
    ESX            3.0.2     ESX      not affected
    ESX            2.5.5     ESX      not affected

  * hosted products are VMware Workstation, Player, ACE, Server, Fusion.

.............
.............
4. Solution

   Please review the patch/release notes for your product and version
   and verify the md5sum of your downloaded file.

   ESX 4.0
   -------
   ESX400-200906001
   http://tinyurl.com/ncfu5s
   md5sum:cab549922f3429b236633c0e81351cde
   sha1sum:aff76554ec5ee3c915eb4eac02e62c131163059a

   Note: ESX400-200906001 contains the following security fixes
         ESX400-200906411-SG, ESX400-200906406-SG, ESX400-200906405-SG,
         ESX400-200906407-SG.

   To install an individual bulletin use esxupdate with the -b option.
   esxupdate --bundle ESX400-200906001.zip -b ESX400-200906411-SG \
   -b ESX400-200906406-SG -b ESX400-200906405-SG -b \
   ESX400-200906407-SG update

Via >> http://lists.vmware.com/pipermail/security-announce/2009/000060.html
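
The check that section 3.a says udev was missing, as an added example (not code from the advisory, VMware or udev): a receiver on the kernel uevent netlink socket that accepts a datagram only when the sender's port id is 0, the message is multicast, and the attached credentials show uid 0. The function names and the sample tuples are assumptions constructed for illustration.

```python
import socket
import struct

NETLINK_KOBJECT_UEVENT = 15    # protocol number from <linux/netlink.h>
SCM_CREDENTIALS = getattr(socket, "SCM_CREDENTIALS", 2)
SO_PASSCRED = getattr(socket, "SO_PASSCRED", 16)
UCRED = struct.Struct("=iII")  # struct ucred: pid_t pid, uid_t uid, gid_t gid


def sender_is_kernel(address, ancdata):
    """Return (trusted, reason) for one received netlink datagram.
    address is the sender's (nl_pid, nl_groups); ancdata is recvmsg()'s
    ancillary data and needs SO_PASSCRED set on the socket.
    """
    nl_pid, nl_groups = address
    if nl_pid != 0:            # the kernel always sends as port id 0
        return False, "sender port id %d is a user-space socket" % nl_pid
    if nl_groups == 0:         # kernel uevents arrive as multicast
        return False, "unicast message"
    for level, ctype, data in ancdata:
        if level == socket.SOL_SOCKET and ctype == SCM_CREDENTIALS and len(data) >= UCRED.size:
            _pid, uid, _gid = UCRED.unpack_from(data)
            if uid != 0:
                return False, "sender uid %d is not root" % uid
            return True, "kernel"
    return False, "no sender credentials attached"


def listen(handle):
    """Receive uevents (Linux only) and pass kernel-originated ones to handle()."""
    s = socket.socket(socket.AF_NETLINK, socket.SOCK_DGRAM, NETLINK_KOBJECT_UEVENT)
    s.setsockopt(socket.SOL_SOCKET, SO_PASSCRED, 1)
    s.bind((0, 1))  # nl_pid 0: kernel assigns a port id; groups 1: kernel uevents
    while True:
        data, ancdata, _flags, address = s.recvmsg(8192, socket.CMSG_SPACE(UCRED.size))
        trusted, reason = sender_is_kernel(address, ancdata)
        if trusted:
            handle(data)
        else:
            print("dropped netlink message:", reason)


def _cred(pid, uid, gid):
    return [(socket.SOL_SOCKET, SCM_CREDENTIALS, UCRED.pack(pid, uid, gid))]


# Constructed sample metadata (not captured traffic): (address, ancdata)
KERNEL_EVENT = ((0, 1), _cred(0, 0, 0))
USER_MESSAGE = ((4242, 0), _cred(4242, 1000, 1000))
```

Logging the drop reason instead of discarding silently gives a detection signal on hosts that have not yet applied the bulletin's replacement package.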


© 2010 http://www.vmwarenews.de Creative Commons License
http://www.vmwarenews.de is licensed under a Creative Commons Attribution-ShareAlike 3.0 Germany License