VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

The remote ESXi is missing one or more security related Updates from VMSA-2010-0007.

VMware hosted products, vCenter Server and ESX patches resolve multiple security issues: a. Windows-based VMware Tools Unsafe Library Loading vulnerability A vulnerability in the way VMware libraries are referenced allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems. b. Windows-based VMware Tools Arbitrary Code Execution vulnerability A vulnerability in the way VMware executables are loaded allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems. c. Windows-based VMware Workstation and Player host privilege escalation A vulnerability in the USB service allows for a privilege escalation. A local attacker on the host of a Windows-based Operating System where VMware Workstation or VMware Player is installed could plant a malicious executable on the host and elevate their privileges. d. Third party library update for libpng to version 1.2.37 The libpng libraries through 1.2.35 contain an uninitialized-memory-read bug that may have security implications. Specifically, 1-bit (2-color) interlaced images whose widths are not divisible by 8 may result in several uninitialized bits at the end of certain rows in certain interlace passes being returned to the user. An application that failed to mask these out-of-bounds pixels might display or process them, albeit presumably with benign results in most cases. e. VMware VMnc Codec heap overflow vulnerabilities f. VMware Remote Console format string vulnerability VMware Remote Console (VMrc) contains a format string vulnerability. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. Under the following two conditions your version of VMrc is likely to be affected: - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0 without patch ESX400-200911223-UG and - VMrc is installed on a Windows-based system g. Windows-based VMware authd remote denial of service A vulnerability in vmware-authd could cause a denial of service condition on Windows-based hosts. The denial of service is limited to a crash of authd. h. Potential information leak via hosted networking stack A vulnerability in the virtual networking stack of VMware hosted products could allow host information disclosure. i. Linux-based vmrun format string vulnerability A format string vulnerability in vmrun could allow arbitrary code execution.

VMware Workstation 7.0, VMware Workstation 6.5.3 and earlier, VMware Player 3.0, VMware Player 2.5.3 and earlier, VMware ACE 2.6, VMware ACE 2.5.3 and earlier, VMware Server 2.0.2 and earlier, VMware Fusion 3.0, VMware Fusion 2.0.6 and earlier, VMware VIX API for Windows 1.6.x, VMware ESXi 4.0 before patch ESXi400-201002402-BG VMware ESXi 3.5 before patch ESXe350-200912401-T-BG VMware ESX 4.0 without patches ESX400-201002401-BG, ESX400-200911223-UG VMware ESX 3.5 without patch ESX350-200912401-BG VMware ESX 3.0.3 without patch ESX303-201002203-UG VMware ESX 2.5.5 without Upgrade Patch 15.

Apply the missing patch(es).