VMware ESX Server Multiple Vulnerabilities
Thursday, 05 April 2007 by Michel Roth
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges, and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

Additionally, a VMware internal security audit revealed the following two vulnerabilities:

1) An unspecified double free error can be exploited to cause a DoS, disclose sensitive information and may allow the execution of arbitrary code via unknown vectors.

2) An unspecified buffer overflow can be exploited to cause a DoS or gain escalated privileges via unknown vectors.

Read the full Secunia advisory here.

Related Items:

VMware ESX Server Multiple Vulnerabilities (14 November 2006)
VMWare ESX Server Multiple Vulnerabilities (9 January 2007)
VMware ESX Server Three Vulnerabilities (17 January 2005)
Citrix Metaframe XP Unspecified Buffer Overflow Vulnerability (23 December 2004)
Citrix Program Neighborhood Agent Two Vulnerabilities (26 April 2005)
VMware NAT Networking Buffer Overflow Vulnerability (21 December 2005)
VMware "vmware-config.pl" Insecure SSL Key File Permissions (21 July 2006)
VMware ESX Server Multiple Vulnerabilities (2 August 2006)
Firefox IDN URL Domain Name Buffer Overflow (13 September 2005)
Citrix Presentation Server Client Unspecified Code Execution (2 March 2007)