avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • January 21, 2019, 03:15 AM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Vuln. Alert: VMWare ESX RCE  (Read 2418 times)


  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Vuln. Alert: VMWare ESX RCE
« on: September 22, 2008, 06:46 AM »
VMWare has patched two buffer overflows in its ESX server software that could potentially allow remote code execution by an unauthenticated party.

Screenshot - 22_09_2008 , 9_47_17 PM_thumb.png

VMware has fixed critical security bugs in two of its virtualization products that could allow a remote attacker to remotely install malware on a host machine.

The patches, which apply to ESXi and ESX 3.5, fix two buffer overflow bugs that reside in a component known as openwsman. It provides web services management functionality and is enabled by default. The vulnerabilities could be exploited by people without login credentials to the system.

Full Story



  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,134
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Vuln. Alert: VMWare ESX RCE
« Reply #1 on: September 22, 2008, 10:36 AM »
Ugh, bug that allows to install malware on the host machine by attacking a virtualized guest? :o
- carpe noctem