VMware

VMware ESX Server 2.0 Security Update


Released 3/17/04

TAR File

This patch includes a new update for ESX Server 2.0 and addresses vulnerabilities in the Linux kernel.

In ESX Server, the service console is implemented using a modified Linux distribution.

This patch includes a new update for ESX Server 2.0 and addresses the following security vulnerabilities in the Linux kernel:

  • Linux security exploit CAN-2004-0077
  • Linux security exploit CAN-2003-0961
    (Previously released as patch p6992)
  • Linux security exploit CAN-2003-0985
    (Previously released as patch p6992)

For more details on these security vulnerabilities please refer to the following:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985

Note: This update only works if you have ESX Server 2.0 build 5257. Please make sure that this build is installed before applying the patch.

The installer logs the name of this patch and information on the updated components in the following file:
/var/log/vmkernel-version

Installing the Update

This update will require a reboot of your ESX server to take effect. You must shutdown your virtual machines before installing the patch.

  1. Log in as root into the ESX Server 2.0 service console.
  2. Your path variable should contain /usr/bin.
  3. Download the tar file into the temporary directory /tmp, on your ESX service console.
  4. Change directory to /tmp:
    cd /tmp
  5. Verify the integrity of the package:
    md5sum esx20_update_7483.tar.gz

    The md5 checksum output should match the following:
    9b82d5a03dc139aa07d0d21affe97514 esx20_update_7483.tar.gz

  6. Extract the compressed tar archive:
    tar -xvzf esx20_update_7483.tar.gz
  7. Change directories to the newly created directory, /tmp/esx20_update_7483:
    cd esx20_update_7483
  8. Run the driver installer:
    /usr/bin/perl ./esx7483update.pl
  9. The drivers are now updated. A reboot prompt displays:
    Reboot the server now [y/n]?

    This update will not be complete until you reboot the ESX Server. If you enter N, to indicate that you will not reboot at this time, ESX Server displays the warning message:

    "Please reboot the server manually for this update to take effect. Update has been terminated unexpectedly."

    If you see this message, you must manually reboot the server to complete the driver update.

  10. At the reboot prompt, enter Y to reboot the server.