VUPEN Security - VMware ESX Server Code Execution and Security Bypass Vulnerabilities / Exploit (Security Advisories)

	Contact \| Site en Français

Vulnerabilities & Threats

VUPEN Security Advisories

Linux Security Advisories

Threat Watch Blog

Zero-Day Monitor

Search Engine

Mailing List & RSS

>> VMware ESX Server Code Execution and Security Bypass Vulnerabilities

Title : VMware ESX Server Code Execution and Security Bypass Vulnerabilities
VUPEN ID : VUPEN/ADV-2008-0064
CVE ID : CVE-2007-3108 - CVE-2007-4572 - CVE-2007-5116 - CVE-2007-5135 - CVE-2007-5191 - CVE-2007-5360 - CVE-2007-5398
Rated as : High Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-01-08

Technical Description

Multiple vulnerabilities have been identified in VMware ESX Server, which could be exploited by attackers to bypass security restrictions or execute arbitrary code. These issues are caused by errors in OpenPegasus, Samba, util-linux, Perl, and OpenSSL. For additional information, see : VUPEN/ADV-2008-0063 - VUPEN/ADV-2007-3869 - VUPEN/ADV-2007-3417 - VUPEN/ADV-2007-3724 - VUPEN/ADV-2007-2759 - VUPEN/ADV-2007-3325

Affected Products

VMware ESX Server versions 3.x
VMware ESX Server versions 2.x

Solution

Latest News

>> 2009-07-06