We are running on ESX 3.5 U5 with VC 2.5. Recently we had a Network Vulnerability audit done on our network and few vulnerabilities have been exposed on ESX & VC Server and we need to do the following upgrades to overcome the same.
1. We need to Upgrade to OpenSSL 0.9.8j or later on the ESX Servers. The current version is 0.9.7a. Kindly let me know the implications of upgrading to the same. Will it have any impact on the operations of ESX ?
2. The version of ntpd running on the VC 2.5 Server (Windows 2003) has a denial of service vulnerability, we need to upgrade to NTP 4.2.4p8 or later. How can we find the current version of NTPD on the VC Server? And again, would like to know what will be implications of this upgradation of the VC Server operations.
Thanks in advance,