Closing openwsman
VMware has fixed critical security bugs in two of its virtualization products that could allow a remote attacker to remotely install malware on a host machine. The patches, which apply to ESXi and ESX 3.5, fix two buffer overflow bugs that reside in a component known as openwsman. It provides web services management functionality and is enabled by default. The vulnerabilities could be exploited by people without login credentials to the system, VMware warns here. VMware went on to say the bug ca...