CVE-2005-4459

Sažetak

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html
http://secunia.com/advisories/18162
http://secunia.com/advisories/18344
http://securityreason.com/securityalert/282
http://securityreason.com/securityalert/289
http://securitytracker.com/id?1015401
http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml
http://www.kb.cert.org/vuls/id/856689
http://www.securityfocus.com/archive/1/419997/100/0/threaded
http://www.securityfocus.com/archive/1/420017/100/0/threaded
http://www.securityfocus.com/bid/15998
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000
http://www.vupen.com/english/advisories/2005/3013

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-10-2018 - 16:25

Objavljeno

21-12-2005 - 20:03