Portal Home > Knowledgebase > VMware Knowledge Base > VMware ESX 3.5, Patch ESX350-200901409-SG: Security Update for SNMP in the Service Console

VMware ESX 3.5, Patch ESX350-200901409-SG: Security Update for SNMP in the Service Console

Details

Release Date: Jan. 30, 2009

Download Size: 
2.18MB 
Download Filename: 
ESX350-200901409-SG.zip 
md5sum: 
2c75cd848d9f3c51619b9a7bd60d20a3 


Product VersionsESX 3.5
Patch ClassificationSecurity
SupersedesESX350-200808405-SG
RequiresESX350-200803214-UG
ESX350-200901402-SG
Virtual Machine Migration or Shutdown RequiredNo
Host Reboot RequiredNo
PRs Fixed345332
Affected HardwareN/A
Affected SoftwareN/A
RPMs Includednet-snmp
net-snmp-libs
net-snmp-utils
BuildN/A
Related CVE numbersCVE-2008-4309

Solution

Summaries and Symptoms

net-snmp is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts.

A denial-of-service flaw was found in the way Net-SNMP processes SNMP GETBULK requests. A remote attacker who issued a specially-crafted request could cause the snmpd server to crash.

The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2008-4309 to this issue.

Deployment Considerations

None beyond the required patch bundles and reboot information listed in the table, above.

Based on VMware KB 1006659


Also Read

Language: