[SingCERT] VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

[ Summary ]

VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.

[ Affected Systems ]

  • VMware ESXi 4.1 without patch ESXi410-201104401-SG
  • VMware ESXi 4.0 without patch ESXi400-201104401-SG
  • VMware ESX 4.1 without patch ESX410-201104401-SG

[ Impact Analysis ]

By sending malicious network traffic to an ESXi or ESX host, an attacker could exhaust the available sockets, which would prevent further connections to the host. If a host becomes inaccessible, its virtual machines will continue to run and have network connectivity, but a reboot of the ESXi or ESX host may be required to connect to the host again.

[ Solution/Workaround ]

Review the VMware Advisory and apply the fixes as soon as possible.

[ Reference ]

  • http://lists.vmware.com/pipermail/security-announce/2011/000133.html