VMware ESX Server / ESXi Multiple Vulnerabilities

Last Update Date: 7 May 2012 12:39 Release Date: 7 May 2012 4589 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Embedded OS

TYPE: Embedded OS

Multiple vulnerabilities have been identified in VMware ESX Server and VMware ESXi, which can be exploited by malicious users to escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

  1. An errors when handling RPC commands can be exploited to cause a crash and potentially execute arbitrary code.
  2. An error when parsing NFS traffic can be exploited to corrupt memory.
  3. An error in the virtual floppy device can be exploited to cause an out-of-bounds write.
  4. An error in the virtual SCSI device can be exploited to cause an out-of-bounds write.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • VMware ESX Server 3.x
  • VMware ESX Server 4.x
  • VMware ESXi 3.x
  • VMware ESXi 4.x
  • VMware ESXi 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply patch or update

Vulnerability Identifier

Source

Related Link

Share with

Previous

Cisco Products Multiple Vulnerabilities

4 May 2012 5127 Views

Next

Adobe Flash Player Object Confusion Vulnerability

7 May 2012 4528 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY