Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • October 24, 2016, 09:23:34 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Vuln. Alert: VMWare ESX RCE  (Read 1904 times)


  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Vuln. Alert: VMWare ESX RCE
« on: September 22, 2008, 06:46:12 AM »
VMWare has patched two buffer overflows in its ESX server software that could potentially allow remote code execution by an unauthenticated party.

Screenshot - 22_09_2008 , 9_47_17 PM_thumb.png

VMware has fixed critical security bugs in two of its virtualization products that could allow a remote attacker to remotely install malware on a host machine.

The patches, which apply to ESXi and ESX 3.5, fix two buffer overflow bugs that reside in a component known as openwsman. It provides web services management functionality and is enabled by default. The vulnerabilities could be exploited by people without login credentials to the system.

Full Story



  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Vuln. Alert: VMWare ESX RCE
« Reply #1 on: September 22, 2008, 10:36:48 AM »
Ugh, bug that allows to install malware on the host machine by attacking a virtualized guest? :o
- carpe noctem