Back to search

VMSA-2009-0015: Directory Traversal vulnerability (CVE-2009-3733)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:P/I:N/A:N) November 02, 2009 November 19, 2010 February 08, 2013

Available Exploits 

Description

Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • VMware VMware ESX Server 3.5

    Upgrade VMware ESX 3.5 to build number 143198

    Download and apply the upgrade from: http://www.vmware.com/patchmgr/findPatchByReleaseName.portal

    The typical way to apply patches to VMware ESX 3.5 hosts is via the vCenter Update Manager. For details, see the vCenter Update Manager Administration Guide.

    To update ESX/ESXi hosts without using Update Manager, obtain the patch for this vulnerability by searching for the build number in the link below

  • VMware VMware ESXi Server 3.5

    Upgrade VMware ESXi 3.5 to build number 143129

    Download and apply the upgrade from: http://www.vmware.com/patchmgr/findPatchByReleaseName.portal

    The typical way to apply patches to VMware ESXi 3.5 hosts is via the vCenter Update Manager. For details, see the vCenter Update Manager Administration Guide.

    To update ESX/ESXi hosts without using Update Manager, obtain the patch for this vulnerability by searching for the build number in the link below