The main source-code repository for the Free Software Foundation has been taken down following an attack that compromised some of the website’s account passwords and may have gained unfettered administrative access.…
View full post on The Register – Security
Today VMWare released a Security Advisory at this URL:
http://lists.vmware.com/pipermail/security-announce/2010/000111.html
It’s an update forVMware ESX 4.1 without patch ESX410-201011001.
Here’s the problem description right off of their website:
a. Service Console OS update for COS kernel package.
This patch updates the Service Console kernel to fix a stack
pointer underflow issue in the 32-bit compatibility layer.
Exploitation of this issue could allow a local user to gain
additional privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3081 to this issue.
So if you are running this software in your enterprise, you’ll want to take a look at this one. Thanks to VMWare for this one.
– Joel Esler | http://blog.joelesler.net | http://twitter.com/joelesler
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green