VMSA-2014-0006: VMware Product Updates Address OpenSSL Security Vulnerabilities (remote Check) Network Vulnerability

Summary

VMware product updates address OpenSSL security vulnerabilities.

Solution

Apply the missing patch(es).

Insight

a. OpenSSL update for multiple products. OpenSSL libraries have been updated in multiple products to versions 0.9.8za and 1.0.1h in order to resolve multiple security issues.

Affected

ESXi 5.5 prior to ESXi550-201406401-SGi, ESXi 5.1 without patch ESXi510-201406401-SG, ESXi 5.0 without patch ESXi500-201407401-SG

Detection

Check the build number

References

http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-5298, CVE-2014-0198, CVE-2014-0224, CVE-2014-3470

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
Apple iTunes Tutorials Window Security Bypass Vulnerability (Mac OS X)
Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
Apple Safari 'SRC' Remote Denial Of Service Vulnerability

VMSA-2014-0006: VMware product updates address OpenSSL security vulnerabilities (remote check)

Take action and discover your vulnerabilities