Security Vulnerabilities in multiple VMware Products

Release date: 2012-03-16
Updated on: 2012-03-19

Affected Systems:
VMWare ESXi 5.x
VMWare ESXi 4.x
VMWare vCenter Server 5.x
VMWare vCenter Server 4.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2011-3190, CVE-2011-3375, CVE-2011-3389, CVE-2011-3516, CVE-2011-3521, CVE-2011-3544, CVE-2011-3545, CVE-2011-3546, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3550, CVE-2011-3551, CVE-2011-3552, CVE-2011-3553, CVE-2011-3556, CVE-2011-3557, CVE-2011-3558, CVE-2011-3560, CVE-2011-3561, CVE-2012-0022

VMWare is a "Virtual PC" software that enables you to run two or more Windows, DOS, and LINUX systems simultaneously on one machine.

Multiple VMWare products have multiple vulnerabilities in implementation, attackers can exploit this vulnerability to expose sensitive information, hijack user sessions, perform DNS poisoning attacks, operate on certain data, and cause access denial and control of user systems.

<* Source: vendor

Link: http://secunia.com/advisories/48444/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

VMWare
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.vmware.com/security/