Description
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
Affected products
- VMware / esx3.5 – 3.5
- VMware / ESXi3.5 – 3.5
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/1744
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
- VENDOR_ADVISORYhttp://www.vmware.com/security/advisories/VMSA-2008-0009.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/30556
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5640
- MISChttp://securitytracker.com/id?1020199
- MISChttp://www.securityfocus.com/bid/29547
- MISChttp://www.securityfocus.com/archive/1/493080/100/0/threaded
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5759
- MISChttp://securityreason.com/securityalert/3922
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42875
- VENDOR_ADVISORYhttp://secunia.com/advisories/30581