Описание
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
Ссылки
- Exploit
- PatchVendor Advisory
- Vendor Advisory
- US Government Resource
- Patch
- Patch
- Vendor Advisory
- Exploit
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:3.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:gsx_server:3.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:3.2.1:patch1:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:4.5.2_build_8848:r4:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:5.0.0_build_13124:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.63371
Средний
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
EPSS
Процентиль: 98%
0.63371
Средний
10 Critical
CVSS2
Дефекты
CWE-119