Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
(VMware Issues Fix for ESX) Net-snmp SNMPv3 Authentication Bug Lets Remote Users Bypass Authentication
|
|
SecurityTracker Alert ID: 1020689 |
|
SecurityTracker URL: http://securitytracker.com/id/1020689
|
|
CVE Reference:
CVE-2008-0960
(Links to External Site)
|
Date: Aug 13 2008
|
Impact:
User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 3.0.1, 3.0.2
|
Description:
A vulnerability was reported in Net-snmp. A remote user can bypass authentication. VMware ESX Server is affected.
A remote user can send an SNMPv3 packet with a specially crafted Hash Message Authentication Code (HMAC) value to bypass the authentication function. The user can read and modify SNMP objects with the privileges of the target user.
UCD-SNMP is also affected.
SNMPv1 and SNMPv2 are not affected.
Wes Hardaker reported this vulnerability.
|
Impact:
A remote user can bypass authentication.
|
Solution:
VMware has issued a fix for ESX Server (3.0.3), which is affected by this vulnerability.
The VMware advisory is available at:
http://www.vmware.com/security/advisories/VMSA-2008-0013.html
|
Cause:
Authentication error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Tue, 12 Aug 2008 09:54:31 -0700
Subject: [Security-announce]
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2008-0013
Synopsis: Updated ESX packages for OpenSSL, net-snmp, perl
Issue date: 2008-08-12
Updated on: 2008-08-12 (initial release of advisory)
CVE numbers: CVE-2007-3108, CVE-2007-5135, CVE-2008-2292,
CVE-2008-0960, CVE-2008-1927
- ------------------------------------------------------------------------
1. Summary
Updated ESX packages for OpenSSL, net-snmp, perl.
2. Relevant releases
ESX 3.0.2
ESX 3.0.1
Extended Support (Security and Bug fixes) for ESX 3.0.1 has ended on
2008-07-31. Users should plan to upgrade to at least 3.0.2 update 1
and preferably the newest release available.
3. Problem Description
I Security Issues
a. OpenSSL Binaries Updated
This fix updates the third party OpenSSL library.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-3108 and CVE-2007-5135 to the issues
addressed by this update.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows affected, patch pending
hosted * any any for patch info see VMSA-2008-0005
ESXi 3.5 ESXi affected, patch pending
ESX 3.5 ESX for patch info see VMSA-2008-0001
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX affected, patch pending
ESX 3.0.1 ESX affected, patch pending
ESX 2.5.5 ESX for patch info see VMSA-2008-0001
ESX 2.5.4 ESX for patch info see VMSA-2008-0001
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
II Service Console rpm updates
a. net-snmp Security update
This fix upgrades the service console rpm for net-snmp to version
net-snmp-5.0.9-2.30E.24.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-2292 and CVE-2008-0960 to the issues
addressed in this update.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
hosted * any any not applicable
ESXi 3.5 ESXi not applicable
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX affected, patch pending
ESX 3.0.1 ESX affected, patch pending
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
b. perl Security update
This fix upgrades the service console rpm for perl to version
perl-5.8.0-98.EL3.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-1927 to the issue addressed by this
update.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable
hosted * any any not applicable
ESXi 3.5 ESXi not applicable
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX affected, patch pending
ESX 3.0.1 ESX affected, patch pending
ESX 2.5.5 ESX not affected
ESX 2.5.4 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Server, Fusion
4. Solution
Please review the patch/release notes for your product and version
and verify the md5sum of your downloaded file.
ESX
---
ESX 3.0.3 build 104629
ESX Server 3.0.3 CD image
md5sum: c2cda9242c6981c7eba1004e8fc5626d
Upgrade package from ESX Server 2.x to ESX Server 3.0.3
md5sum: 0ad8fa4707915139d8b2343afebeb92b
Upgrade package from earlier releases of ESX Server 3 to ESX Server
3.0.3
md5sum: ff7f3dc12d34b474b231212bdf314113
release notes:
http://www.vmware.com/support/vi3/doc/releasenotes_esx303.html
5. References
CVE numbers
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
- ------------------------------------------------------------------------
6. Change log
2008-08-12 VMSA-2008-0013
Initial release following release of ESX 3.0.3.
- ------------------------------------------------------------------------
7. Contact
E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
* security-announce at lists.vmware.com
* bugtraq at securityfocus.com
* full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center
http://www.vmware.com/security
VMware security response policy
http://www.vmware.com/support/policies/security_response.html
General support life cycle policy
http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html
Copyright 2008 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8
wj8DBQFIocAFS2KysvBH1xkRAo/IAJwJu5uDugjZnxD+/YW3HjAUM3wZZwCfZSsA
iH86tEWVgj8/JUlvAmZVqgY=
=yafn
-----END PGP SIGNATURE-----
_______________________________________________
Security-announce mailing list
Security-announce@lists.vmware.com
http://lists.vmware.com/mailman/listinfo/security-announce
|
|
Go to the Top of This SecurityTracker Archive Page
|
