Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1659

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2013-1659
Last Modified 25 Feb 2013 12:00:00
Published 22 Feb 2013 03:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2013-1659

Summary

VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.

Vulnerable Systems

Operating System

  • Vmware Esxi 3.5

  • Vmware Esxi 4.0

  • Vmware Esxi 4.1

  • Vmware Esxi 5.0

  • Vmware Esxi 5.1

Application

  • Vmware Vcenter Server 4.0

  • Vmware Vcenter Server 5.0

  • Vmware Vcenter Server Appliance 5.1

  • Vmware Vcenter Server Appliance 5.1.0a


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2013-0003.html


Last Updated: 27 May 2016 11:01:57