Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0177

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0177
Last Modified 10 Mar 2011 12:00:00
Published 20 Jan 2009 11:00:09
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0177

Summary

vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.

Vulnerable Systems

Application

  • Vmware Ace 2.5.0

  • Vmware Ace 2.5.1

  • Vmware Fusion 2.0.1

  • Vmware Player 1.0.0

  • Vmware Player 1.0.1

  • Vmware Player 1.0.2

  • Vmware Player 1.0.3

  • Vmware Player 1.0.4

  • Vmware Player 1.0.6

  • Vmware Player 1.0.7

  • Vmware Player 1.0.8

  • Vmware Player 1.0.9

  • Vmware Player 1.05

  • Vmware Player 2.0

  • Vmware Player 2.0.1

  • Vmware Player 2.0.2

  • Vmware Player 2.0.3

  • Vmware Player 2.0.4

  • Vmware Player 2.0.5

  • Vmware Player 2.5

  • Vmware Player 2.5.1

  • Vmware Server 2.0.0

  • Vmware Workstation 4.5.3

  • Vmware Workstation 5.0

  • Vmware Workstation 5.5.0

  • Vmware Workstation 5.5.1

  • Vmware Workstation 5.5.2

  • Vmware Workstation 5.5.3

  • Vmware Workstation 5.5.4

  • Vmware Workstation 5.5.5

  • Vmware Workstation 5.5.6

  • Vmware Workstation 5.5.7

  • Vmware Workstation 5.5.8

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.2

  • Vmware Workstation 6.0.3

  • Vmware Workstation 6.0.4

  • Vmware Workstation 6.0.5

  • Vmware Workstation 6.5

  • Vmware Workstation 6.51


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0005.html

FULLDISC - 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues

MLIST - [security-announce] 20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues

VUPEN - ADV-2009-0944

VUPEN - ADV-2009-0024

SECTRACK - 1021512

BID - 34373

SECUNIA - 34601

SECUNIA - 33372

OSVDB - 51180

MILW0RM - 7647


Last Updated: 27 May 2016 10:50:08