CVE-2005-4459: Buffer Overflow
First published: Wed Dec 21 2005(Updated: )
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware GSX Server | =3.0_build_7592 | |
| VMware GSX Server | =3.2 | |
| VMware ACE | =1.0 | |
| VMware Workstation and ESXi | =5.0.0_build_13124 | |
| VMware Workstation and ESXi | =4.0 | |
| VMware GSX Server | =2.5.2 | |
| VMware Workstation and ESXi | =4.0.1 | |
| VMware Workstation and ESXi | =3.4 | |
| VMware Workstation and ESXi | =5.5 | |
| VMware Workstation and ESXi | =4.0.2 | |
| VMware Workstation and ESXi | =3.2.1-patch1 | |
| VMware GSX Server | =3.0 | |
| VMware Workstation and ESXi | =4.5.2_build_8848-r4 | |
| VMware GSX Server | =2.0 | |
| VMware GSX Server | =2.5.1_build_5336 | |
| VMware GSX Server | =2.5.1 | |
| VMware Player | =1.0.0 | |
| VMware GSX Server | =3.1 | |
| VMware GSX Server | =2.0.1_build_2129 | |
| VMware Workstation and ESXi | =4.5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html
- http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000
- http://www.securityfocus.com/bid/15998
- http://secunia.com/advisories/18162
- http://www.kb.cert.org/vuls/id/856689
- http://securitytracker.com/id?1015401
- http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml
- http://secunia.com/advisories/18344
- http://securityreason.com/securityalert/282
- http://securityreason.com/securityalert/289
- http://www.vupen.com/english/advisories/2005/3013
- http://www.securityfocus.com/archive/1/420017/100/0/threaded
- http://www.securityfocus.com/archive/1/419997/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2005-4459?
CVE-2005-4459 has a high severity rating due to its potential for remote code execution.
How do I fix CVE-2005-4459?
To fix CVE-2005-4459, update the affected VMware products to the latest patched versions provided by VMware.
Which VMware products are affected by CVE-2005-4459?
CVE-2005-4459 affects VMware Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0.
What type of vulnerability is CVE-2005-4459?
CVE-2005-4459 is a heap-based buffer overflow vulnerability.
Can CVE-2005-4459 be exploited remotely?
Yes, CVE-2005-4459 can be exploited remotely by authenticated attackers.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/vmware
- canonical/vmware gsx server
- version/vmware gsx server/3.0_build_7592
- version/vmware gsx server/3.2
- canonical/vmware ace
- version/vmware ace/1.0
- canonical/vmware workstation and esxi
- version/vmware workstation and esxi/5.0.0_build_13124
- version/vmware workstation and esxi/4.0
- version/vmware gsx server/2.5.2
- version/vmware workstation and esxi/4.0.1
- version/vmware workstation and esxi/3.4
- version/vmware workstation and esxi/5.5
- version/vmware workstation and esxi/4.0.2
- version/vmware workstation and esxi/3.2.1-patch1
- version/vmware gsx server/3.0
- version/vmware workstation and esxi/4.5.2_build_8848-r4
- version/vmware gsx server/2.0
- version/vmware gsx server/2.5.1_build_5336
- version/vmware gsx server/2.5.1
- canonical/vmware player
- version/vmware player/1.0.0
- version/vmware gsx server/3.1
- version/vmware gsx server/2.0.1_build_2129
- version/vmware workstation and esxi/4.5.2