VMware has updated VMware ESXi and ESX to address a vulnerability in an unhandled exception in the NFC protocol handler.
Apply the missing patch(es).
VMware ESXi and ESX NFC Protocol Unhandled Exception VMware ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between ESXi/ESX and the client. Exploitation of the issue may lead to a Denial of Service. To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network
VMware ESXi 5.1 without patch ESXi510-201307101 VMware ESXi 5.0 without patch ESXi500-201308101 VMware ESXi 4.1 without patch ESXi410-201304401 VMware ESXi 4.0 without patch ESXi400-201305401 VMware ESX 4.1 without patch ESX410-201304401 VMware ESX 4.0 without patch ESX400-201305401
Check if the patch for VMSA-2013-0011 is installed.
Updated on 2015-03-25
- VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
- VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities
- VMSA-2013-0004 VMware ESXi security update for third party library
- VMSA-2014-0006: VMware product updates address OpenSSL security vulnerabilities
- VMSA-2013-0011 VMware ESX and ESXi updates to third party libraries