dedri
asked on
do I need to update ESXi servers
According to our vulnerability management system we need to update our ESXi 4.1U1 servers to the latest version.
I checked the patch security articles and there are just a couple of vulnerabilities that are reported by vmware.
There are not so much information which feature of the software is affected by this security hole, so I cannot decide if it is needed or not.
I had a lot of problems in the past with the installation of the updates mainly with windows server and I am very suspicous when I have to update anything.
Our ESXi server(management network) are on different network segment and connection to them are allowed only from IT department network. Virtualization software that we are using also are vcenter and srm(site recovery manager).
Could you tell me if this updates are so requered and critical, do you update constantly your vmware servers, or any advice maybe.
The most reported seems to be
•The ESX/ESXi userworld libxml2 library is updated to resolve multiple security issues
-The userworld glibc third-party library is updated to 2.5-58.el5_6.2 resolve multiple security issues
•629880: This release resolves an integer overflow issue in the SFCB that arises when the httpMaxContentLength is changed from its default value to 0 in /etc/sfcb/sfcb.cfg. The integer overflow could allow remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header
I checked the patch security articles and there are just a couple of vulnerabilities that are reported by vmware.
There are not so much information which feature of the software is affected by this security hole, so I cannot decide if it is needed or not.
I had a lot of problems in the past with the installation of the updates mainly with windows server and I am very suspicous when I have to update anything.
Our ESXi server(management network) are on different network segment and connection to them are allowed only from IT department network. Virtualization software that we are using also are vcenter and srm(site recovery manager).
Could you tell me if this updates are so requered and critical, do you update constantly your vmware servers, or any advice maybe.
The most reported seems to be
•The ESX/ESXi userworld libxml2 library is updated to resolve multiple security issues
-The userworld glibc third-party library is updated to 2.5-58.el5_6.2 resolve multiple security issues
•629880: This release resolves an integer overflow issue in the SFCB that arises when the httpMaxContentLength is changed from its default value to 0 in /etc/sfcb/sfcb.cfg. The integer overflow could allow remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header
Yes. Very important to keep your security holes filled.
Hi,
the lastest version is 5.1 and there are hudge updates to preformance USB redirection ando ther cool things inside even vSphere web client.
If you have managment on other secure network (VLAN) and servers are not published to the net then tehy are stabile. It is all about what hackers or employes wanted from you.
And at the last there is best practice to instal server at new and configure it again if you dont have so large network. Cousee changes to base FILE SYSTEM and FILE SYSTEM TYPE.
the lastest version is 5.1 and there are hudge updates to preformance USB redirection ando ther cool things inside even vSphere web client.
If you have managment on other secure network (VLAN) and servers are not published to the net then tehy are stabile. It is all about what hackers or employes wanted from you.
And at the last there is best practice to instal server at new and configure it again if you dont have so large network. Cousee changes to base FILE SYSTEM and FILE SYSTEM TYPE.
Although it's important to maintain and ensure you are up to date, if the patch or upgrade fixes and issue for you, you mat still find that your" vulnerability management system " still triggers on ESXi, even with the latest patches applied, because it triggers on "Linux" like components!
ASKER
Hi hanccocka,
could you clarify a little bit more what do you mean.
could you clarify a little bit more what do you mean.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
qualys is the vulrnerability system
QualysGuard Cloud Security & Compliance Suite?
ASKER
yes , the same, QualysGuard Cloud