Release Date: March 30, 2009
|Product Versions||ESX 3.5 Update 4|
Also see KB 1001179.
Virtual Machine Migration or Shutdown Required
|Host Reboot Required||No|
|PRs Fixed||345054 345332|
|Related CVE numbers||CVE-2008-4309|
Summaries and SymptomsThis patch includes the January 30, 2009 patch fix for ESX 3.5 U4, which is described as follows.
Security Update to SNMP in the Service Console
This patch updates the service console to resolve the following security issue:
A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash.
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue.
None beyond the required patch bundles and reboot information listed in the table, above.
Based on VMware KB 1008095