The flaw lies in the Kerberos authentication protocol, which is included in ESX, but is not enabled by default. ESX 3.5.0 is vulnerable to the problem, which can be resolved by installing the new package that the company has released. The patch is available in the company s Knowledge Base article on the ESX flaw, which also has a new Knowledge Base Article on the flaw. The fix is available to download and use the patch to fix the problem.
Source: https://threatpost.com/vmware-fixes-kerberos-flaw-esx-070109/72829/