Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2234

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2234
Last Modified 07 Mar 2011 10:08:53
Published 18 Aug 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2234

Summary

Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header.

Vulnerable Systems

Application

  • Openwsman 1.2.0

  • Openwsman 2.0.0


References

XF - openwsman-session-replay-code-execution(44484)

XF - openwsman-authentication-header-bo(44481)

VUPEN - ADV-2008-2624

VUPEN - ADV-2008-2397

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0015.html

BID - 30694

BUGTRAQ - 20080919 VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman

SECUNIA - 31942

SECUNIA - 31429

SECUNIA - 31410

MLIST - [security-announce] 20080918 VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman

SUSE - SUSE-SA:2008:041


Last Updated: 27 May 2016 10:47:48