First published: Wed Dec 21 2005(Updated: )
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
VMware GSX Server | =3.0_build_7592 | |
VMware GSX Server | =3.2 | |
VMware ACE | =1.0 | |
VMware Workstation and ESXi | =5.0.0_build_13124 | |
VMware Workstation and ESXi | =4.0 | |
VMware GSX Server | =2.5.2 | |
VMware Workstation and ESXi | =4.0.1 | |
VMware Workstation and ESXi | =3.4 | |
VMware Workstation and ESXi | =5.5 | |
VMware Workstation and ESXi | =4.0.2 | |
VMware Workstation and ESXi | =3.2.1-patch1 | |
VMware GSX Server | =3.0 | |
VMware Workstation and ESXi | =4.5.2_build_8848-r4 | |
VMware GSX Server | =2.0 | |
VMware GSX Server | =2.5.1_build_5336 | |
VMware GSX Server | =2.5.1 | |
VMware Player | =1.0.0 | |
VMware GSX Server | =3.1 | |
VMware GSX Server | =2.0.1_build_2129 | |
VMware Workstation and ESXi | =4.5.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2005-4459 has a high severity rating due to its potential for remote code execution.
To fix CVE-2005-4459, update the affected VMware products to the latest patched versions provided by VMware.
CVE-2005-4459 affects VMware Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0.
CVE-2005-4459 is a heap-based buffer overflow vulnerability.
Yes, CVE-2005-4459 can be exploited remotely by authenticated attackers.