The affected VMware Smart Assurance products contain a buffer overflow vulnerability which can be exploited to cause a denial of service, or possibly, arbitrary code execution
Multiple VMware Smart Assurance products contain a buffer overflow vulnerability. The vulnerability may allow a remote unauthenticated user to send a specially-crafted message over TCP or UDP to cause a denial of service, or possibly, execute arbitrary code.
The following table lists the versions of VMware Smart Assurance products affected by the problem described in ESA-2011-029 and the current Remediation Status. In the "EMC Response" column, it lists the earliest version of the products that currently have a fix available for this issue. This table will be updated as fixes for particular product versions are released.
VMWARE Impacted Products | Remediation Status | VMWARE Response (Solution ID/Version) |
VMware Smart Assurance Application Connectivity Monitor (ACM) 2.3 and earlier | Under Investigation | |
VMware Smart Assurance Adapter for Alcatel-Lucent 5620 SAM EMS (ASAM) 3.2.0.2 and earlier | Fixed | Upgrade to version 3.2.0.3 and later |
VMware Smart Assurance Server Manager (EISM) 3.0 & earlier | Under Investigation | |
VMware Smart Assurance IP Management Suite (IP) 8.1.1.1, 7.0.3.28, 7.0.4.2 and earlier | Fixed | Upgrade to versions 8.1.2, 7.0.4.3, 7.0.3.29 and later |
VMware Smart Assurance IPv6 Management Suite (IPv6) 2.0.2 and earlier | Under Investigation | |
VMware Smart Assurance MPLS Management Suite (MPLS) 4.0.0 and earlier | Fixed | Upgrade to version 4.0.1 and later |
VMware Smart Assurance Multicast Management Suite (MCAST) 2.1 and earlier | Fixed | Upgrade to version 2.1.1 and later |
VMware Smart Assurance Network Protocol Management Suite (NPM) 3.1 and earlier | Fixed | Upgrade to version 3.1.1 and later |
VMware Smart Assurance Optical Transport Management Suite (OTM) 5.1 and earlier | Under Investigation | |
VMware Smart Assurance Service Assurance Management Suite (SAM) 8.1.0.6 and earlier | Fixed | Upgrade to version 8.1.1 and later |
VMware Smart Assurance SAM Adapter Suite 1.3 and earlier | Under Investigation | |
VMware Smart Assurance Storage Insight for Availability Suite (SIA) 2.3.1 and earlier | Under Investigation | |
VMware Smart Assurance VoIP Availability Management Suite (VoIP AM) 4.0.0.3 and earlier | Fixed | Upgrade to version 4.0.0.4 and later |