VMware Products Vmware-authd Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with VMWare product(s) that are vulnerable to Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker deny virtual machines access to local users. Impact Level : Application

Solution

Solution/Patch not available as on 4th February 2009. For further updates refer the below URLs. http://www.vmware.com/download/ws http://www.vmware.com/download/player

Insight

VMware product(s) throws an error in the vmware-authd daemon when processing overly long strings. This will terminate the vmware-authd process via an overly long 'USER' or 'PASS' strings sent to TCP port 912.

Affected

VMware Player version 2.5.1 or prior on Windows. VMware Workstation version 6.5.1 or prior on Windows.

References

http://osvdb.org/51180
http://secunia.com/advisories/33372
http://securitytracker.com/alerts/2009/Jan/1021512.html
http://www.vupen.com/english/advisories/2009/0024

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-0177
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat Content-Type Header Denial Of Service Vulnerability
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Mac OS X)
Apple iTunes Multiple Vulnerabilities
Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability
Dell OpenManage Web Server <= 3.7.1

VMware Products vmware-authd Denial of Service Vulnerability (Win)

Take action and discover your vulnerabilities