BugZero | VMware BugID 2091104 - VMware vCenter Converter Standalone 5.5.3 Patch Re...

OPERATIONAL DEFECT DATABASE

...

BugZero | VMware BugID 2091104 - VMware vCenter Converter Standalone 5.5.3 Patch Re...

VMware - Defect ID: 2091104

VMware vCenter Converter Standalone 5.5.3 Patch Release

VMware - Defect ID: 2091104

VMware vCenter Converter Standalone 5.5.3 Patch Release

Last updated on December 16th, 2014

BugZero Risk Score
3.8 Low

Overall: N/A

Severity: N/A

Community: N/A

Lifecycle: N/A

What is the BugZero Risk Score?

VMware Integration

Learn more about where this data comes from

VMware Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Description

Details

Released 9 OCT 2014 | Build 2183569 | vCenter Converter Standalone 5.5.2 Release Notes A critical security vulnerability in the Bash shell, also referred to as Shellshock, has been identified. Exploitation of this issue might lead to remote code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278 to this issue. During Linux P2V conversions, Converter Standalone is running a Helper VM at the destination location. The Helper VM of vCenter Converter Standalone 5.5.2 might use the Bash shell which is part of the Linux operating system. In case the operating system has a vulnerable version of Bash, the Bash security vulnerability might be exploited through the helper VM. The vCenter Converter Standalone 5.5.3 release fixes the Bash shell vulnerability. The VMware vCenter Converter Standalone 5.5.3 release provides an update to OpenSSL library, which addresses multiple security issues. The OpenSSL library is updated to version openssl-0.9.8zb to address CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, and CVE-2014-3510.

Solution

If you are running vCenter Converter Standalone 5.5.2, upgrade to vCenter Converter Standalone 5.5.3 Note: Task history and other application data are not preserved during the upgrade. Log in to Customer Connect and download the installation package for vCenter Converter Standalone 5.5.3 from the following location: https://customerconnect.vmware.com/downloads/info/slug/infrastructure_operations_management/vmware_vcenter_converter_standalone/5_5.Run the installer and follow the on-screen prompts to complete the upgrade operation. Additional Information For translated versions of this article, see: 简体中文: VMware vCenter Converter Standalone 5.5.3 修补程序版本 (2100426)日本語: VMware vCenter Converter Standalone 5.5.3 パッチリリース (2100711)

Change history

Top VMware Defects

No bugs this month

VMware Integration

Learn more about where this data comes from

VMware Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

VMware - Defect ID: 2091104

VMware vCenter Converter Standalone 5.5.3 Patch Release

VMware - Defect ID: 2091104

VMware vCenter Converter Standalone 5.5.3 Patch Release

Last updated on December 16th, 2014

BugZero Risk Score3.8 Low

Bug Details

Details

Solution

Links

Top VMware Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
3.8 Low