Skip to main content

VMware ESX Server / ESXi Multiple Vulnerabilities

Last Update Date: 7 May 2012 12:39 Release Date: 7 May 2012 5591 Views

RISK: High Risk

TYPE: Operating Systems - Embedded OS

TYPE: Embedded OS

Multiple vulnerabilities have been identified in VMware ESX Server and VMware ESXi, which can be exploited by malicious users to escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

  1. An errors when handling RPC commands can be exploited to cause a crash and potentially execute arbitrary code.
  2. An error when parsing NFS traffic can be exploited to corrupt memory.
  3. An error in the virtual floppy device can be exploited to cause an out-of-bounds write.
  4. An error in the virtual SCSI device can be exploited to cause an out-of-bounds write.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • VMware ESX Server 3.x
  • VMware ESX Server 4.x
  • VMware ESXi 3.x
  • VMware ESXi 4.x
  • VMware ESXi 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply patch or update

Vulnerability Identifier


Source


Related Link