5

CVE-2009-4811

Exploit
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707.  NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareAce Version2.5.0
VMwareAce Version2.5.1
VMwareAce Version2.5.2
VMwareAce Version2.5.3
VMwareAce Version2.5.4
VMwareAce Version2.6
VMwareAce Version2.6.1
VMwarePlayer Version2.5
VMwarePlayer Version2.5.1
VMwarePlayer Version2.5.2
VMwarePlayer Version2.5.3
VMwarePlayer Version2.5.4
VMwarePlayer Version3.0
VMwarePlayer Version3.0.1
VMwareServer Version2.0.0
VMwareServer Version2.0.1
VMwareServer Version2.0.2
VMwareWorkstation Version6.5.0
VMwareWorkstation Version6.5.1
VMwareWorkstation Version6.5.2
VMwareWorkstation Version6.5.3
VMwareWorkstation Version6.5.4
VMwareWorkstation Version7.0
VMwareWorkstation Version7.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.76% 0.843
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

http://security.gentoo.org/glsa/glsa-201209-25.xml
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html
http://lists.vmware.com/pipermail/security-announce/2010/000090.html
Patch
Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2010-0007.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/36630
Exploit
http://freetexthost.com/qr1tffkzpu
Exploit
URL Repurposed
http://pocoftheday.blogspot.com/2009/10/vmware-server-20x-remote-dos-exploit.html
Exploit