Vulnerabilities / Threats
1/13/2010
01:48 PM
50%
50%

VMware To Buy Zimbra From Yahoo

The open-source email and collaboration software will be used to build out VMware's virtualization infrastructure for cloud computing environments.

VMware has struck a deal with Yahoo to acquire all of Zimbra's technology and intellectual property. It plans to use Zimbra's open-source email and collaboration software to build out VMware's virtualization infrastructure for cloud computing environments. Financial terms were not disclosed.

Acquiring an email provider is an unexpected move from VMware. However, Steve Herrod, chief technology officer for the company, said Zimbra fits VMware's strategy of adding a ready-to-run application layer at the top of its vCloud software stack.

"With Zimbra, we will now offer our partners an even higher level of cloud capability; one where customers can simply use an application without worrying about the details of how and where it runs," Herrod said Tuesday in the company's blog.

VMware's cloud stack starts with its vSphere compute and storage infrastructure, which is topped by the simplified Java development environment VMware got last August with its $420 million acquisition of SpringSource. The platform provides a runtime environment for developers code, while handling all the calls to VMware's virtualization infrastructure.

Zimbra's software would be packaged with the rest of the stack "to deliver a well integrated portfolio of compute, application development and core IT service clouds," Herrod said. Along with Zimbra's e-mail, calendaring and collaboration software, other core IT services that would be at home in VMware's stack are file and print services and identity management.

"All four of these technology areas are common to companies large and small," Herrod said. "Furthermore, each area is taking growing amounts of IT attention, time, and money without furthering the ultimate goals of the company."

Zimbra offers on-premise software, which is popular among small and medium-sized businesses. It also sells its technology as a hosted service. Customers include Comcast and NTT Communications.

Overall, Zimbra technology powers more than 55 million mailboxes, according to the company. Zimbra's software also runs Yahoo Mail and Yahoo Calendar. Under the deal, Yahoo would have the right to continue to use Zimbra technology in its communication services.

The purchase is expected to close during the current quarter.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5075
Published: 2014-12-27
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.

CVE-2011-4720
Published: 2014-12-27
Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.

CVE-2011-4722
Published: 2014-12-27
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.

CVE-2012-1203
Published: 2014-12-27
Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a save_user action.

CVE-2012-1302
Published: 2014-12-27
Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or (3) the data_file parameter to amtimeline.swf.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.