VMware Security Advisories
VMSA-2010-0003.1
VMSA-2010-0003.1 ESX Service Console update for net-snmp
VMware Security Advisory
1. Summary
Update for Service Console package net-snmp
2. Relevant releases
VMware ESX 3.5 without patch ESX350-201002401-SG
VMware ESX 3.0.3 without patch ESX303-201002202-SG
3. Problem Description
a. Service Console package net-snmp updated
This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by- zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could cause the snmpd daemon to fail.
This vulnerability was introduced by an incorrect fix for CVE-2008-4309.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1887 to this issue.
Note: After installing the previous patch for net-snmp (ESX350-200901409-SG), running the snmpbulkwalk command with the parameter -CnX results in no output, and the snmpd daemon stops.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.
VMware Product =============
Product Version ========
Running On =======
Replace with Apply Path =================
* hosted products are VMware Workstation, Player, ACE, Server, Fusion.
4. Solution
Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.
ESX 3.5
-------
ESX350-201002401-SG
http://download3.vmware.com/software/vi/ESX350-201002401-SG.zip
md5sum: a91428cb6bc2da794f581aefd5eef010
http://kb.vmware.com/kb/1017660
ESX 3.0.3
---------
ESX303-201002202-SG
http://download3.vmware.com/software/vi/ESX303-201002202-UG.zip
md5sum: b111601ecb6978fbac40df2700d08fe2
http://kb.vmware.com/kb/1018027
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1887
6. Change Log
2010-02-16 VMSA-2010-0003
Initial security advisory after release of patches for ESX 3.5
on 2010-02-16.
2010-03-08 VMSA-2010-0003.1
Update after release of ESX 3.0.3 Update 1 on 2010-03-08.
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at:
http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.