Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2097

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-2097
Last Modified 20 Jun 2011 12:00:00
Published 05 Jun 2008 04:32:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2097

Summary

Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

Vulnerable Systems

Application

  • Vmware Esx 3.5

  • Vmware Esxi 3.5


References

XF - vmware-openwsman-privilege-escalation(42875)

VUPEN - ADV-2008-1744

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0009.html

BID - 29547

BUGTRAQ - 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

SECTRACK - 1020199

SREASON - 3922

SECUNIA - 30581

SECUNIA - 30556

SUSE - SUSE-SR:2008:012

Related Patches

VMware VMSA 2008-0009.2 VMware Fusion 2.0.1 Update for Mac (Rev 2)


Last Updated: 27 May 2016 10:47:45