VMware ESX Server 3.5, Patch ESX350-200805504-SG: Security Update to the Service Console for Cyrus SASL

Details

Release Date: 03 JUNE 2008 
Document Last Updated: 03 JUNE 2008

 

Download Size: 
280 KB 
Download Filename: 
ESX350-200805504-SG.zip 
md5sum: 
4c1b1a8dcb09a636b55c64c290f7de51

Product VersionsESX Server 3.5
Patch ClassificationSecurity
SupersedesNone
RequiresESX350-200805502-BG
Virtual Machine Migration or Reboot RequiredNo
ESX Server Host Reboot RequiredNo
PRs Fixed255470
Affected HardwareN/A
Affected SoftwareCyrus SASL
RPMs Included

cyrus-sasl-2.1.15-15.i386.rpm
cyrus-sasl-md5-2.1.15-15.i386.rpm

Related CVE numbersCVE-2006-1721


Solution

Summaries and Symptoms

This patch includes an updated cyrus-sasl package for the ESX Server service console that corrects a security issue found in the DIGEST-MD5 authentication mechanism of Cyrus' implementation of Simple Authentication and Security Layer (SASL). As a result of this issue in the authentication mechanism, a remote unauthenticated attacker might be able to cause a denial of service error on the server.
 
Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table, above.

Based on VMware KB 1004640

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Hardware and firmware requirements for 64-bit guest operating systems

PurposeThis article explains the host machine hardware and firmware requirements for installing...

Logging in to the vCenter Server 5.0 Web Client fails with the error: unable to connect to vCenter Inventory Service

DetailsAfter upgrading from vCenter Server 4.1 to 5.0, you experience these symptoms:Cannot log...

Multiple network entries in vCenter Server 5.0.x after migrating virtual machines from a virtual switch to a virtual distributed switch

SymptomsAfter migrating virtual machines from a virtual switch to a virtual Distributed...

Minimum requirements for the VMware vCenter Server 5.x Appliance

PurposeIf you are using the VMware vCenter Server Appliance, beginning with vSphere 5.0 you can...