Bug 193203

Summary:	app-emulation/vmware-* Multiple issues in multiple versions
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED DUPLICATE
Severity:	blocker	CC:	vmware+disabled
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://www.frsirt.com/english/advisories/2007/3229
Whiteboard:	B0 [ebuild]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2007-09-20 16:26:59 UTC

Multiple vulnerabilities have been identified in various VMware products, which could be exploited by attackers or malicious users to bypass security restrictions, cause a denial of service or take complete control of an affected system.

Please see the URL for a full list of issues and CVE-names.

This means for us:

vmware-workstation
  stable   5.5.4.44386 -> 5.5.5.56455
  unstable 6.0.0.45731 -> 6.0.1.55017
  is 4.5.3.19414 affected?

vmware-player
  stable   1.0.2.29634 / 1.0.3.34682-r1 -> 1.0.5.56455
  unstable 2.0.0.45731 -> 2.0.1.55017

vMware-server
  unstable 1.0.3.44356 ->  1.0.4.56528

vmware-esx-console
  unstable 2.5.2.16390 / 2.5.3.24171 -> ??
  is there an update for this?

Do we have VMware ACE ?

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2007-09-20 16:27:59 UTC

vmware, please advise.

Comment 2 Robert Buchholz (RETIRED) gentoo-dev

2007-09-20 16:30:35 UTC

Depending on the source, VMware ESX 3.0.2 is either affected or not.

Comment 3 Mike Auty (RETIRED) gentoo-dev

2007-09-20 16:35:08 UTC


*** This bug has been marked as a duplicate of bug 193196 ***