Explore top 10 tips to secure your open-source projects now. Read More
×
Open VM Tools could allow unintended access to network services.
Software Description:
- open-vm-tools: Open VMware Tools for virtual machines hosted on VMware
Details:
USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Open VM Tools incorrectly handled SAML tokens. A
remote attacker could possibly use this issue to bypass SAML token
signature verification and perform VMware Tools Guest Operations.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro): open-vm-tools 2:11.0.5-4ubuntu0.18.04.3+esm2 Ubuntu 16.04 LTS (Available with Ubuntu Pro): open-vm-tools 2:10.2.0-3~ubuntu0.16.04.1+esm3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6365-2
https://ubuntu.com/security/notices/USN-6365-1
CVE-2023-20900
Get the latest Linux and open source security news straight to your inbox.