Page 145 of 880 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer. El instalador auto-extraible del cliente vSphere en VMware vCenter 4.0 anteriores a la Actualización 3 y v4.1 anteriores a la Actualización 1, VMware ESXi v4.x anteriores a v4.1 Actualización 1, y VMware ESX v4.x anteriores a v4.1 Actualización 1 no tiene una firma digital , lo que podría facilitar a los atacantes remotos a falsificar la distribución de software a través de un instalador troyanizado. • http://lists.vmware.com/pipermail/security-announce/2011/000137.html http://securitytracker.com/id?1025502 http://www.vmware.com/security/advisories/VMSA-2011-0008.html • CWE-310: Cryptographic Issues •

CVSS: 7.8EPSS: 5%CPEs: 4EXPL: 0

VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic. VMware ESXi v4.0 y v4.1 y ESX v4.0 y v4.1 permite a atacantes remotos provocar una denegación de servicio (agotamiento del socket) a través de tráfico de red no especificado. • http://kb.vmware.com/kb/1035108 http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://osvdb.org/72118 http://securityreason.com/securityalert/8240 http://securitytracker.com/id?1025452 http://www.securityfocus.com/archive/1/517739/100/0/threaded http://www.securityfocus.com/bid/47627 http://www.vmware.com/security/advisories/VMSA-2011-0007.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67195 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 5%CPEs: 5EXPL: 0

lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence. lsassd en Likewise Open /Enterprise versión 5.3 anterior a build 7845, Open versión 6.0 anterior a build 8325, e Enterprise versión 6.0 anterior a build 178, tal y como es distribuido en ESXi versión 4.1 y ESX versión 4.1 de VMware y posiblemente otros productos, permite que los atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un intento de inicio de sesión de Active Directory que proporciona un nombre de usuario que contiene una secuencia de bytes no válida. • http://kb.vmware.com/kb/1035108 http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://secunia.com/advisories/44349 http://securityreason.com/securityalert/8240 http://securitytracker.com/id?1025452 http://www.likewise.com/community/index.php/forums/viewannounce/1104_27 http://www.securityfocus.com/archive/1/517739/100/0/threaded http://www.securityfocus.com/bid/47625 http://www.vmware.com/security/advisories/VMSA-2011-0007.html https://exchange.xforce.ibmcloud • CWE-399: Resource Management Errors •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 2

vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. vmware-hgfsmounter en VMware Open Virtual Machine Tools (también conocido como open-vm-tools) v8.4.2-261024 y anteriores se añaden al fichero /etc/mtab sin primero verificar si los límites de recursos interfieren, lo que permite a usuarios locales provocar la corrupción de este fichero a través de un proceso con un valor pequeño RLIMIT_FSIZE, un asunto relacionado con CVE-2011-1089. • http://openwall.com/lists/oss-security/2011/03/04/10 http://openwall.com/lists/oss-security/2011/03/04/11 http://openwall.com/lists/oss-security/2011/03/04/12 http://openwall.com/lists/oss-security/2011/03/04/9 http://openwall.com/lists/oss-security/2011/03/05/3 http://openwall.com/lists/oss-security/2011/03/05/7 http://openwall.com/lists/oss-security/2011/03/07/9 http://openwall.com/lists/oss-security/2011/03/14/16 http://openwall • CWE-16: Configuration •

CVSS: 6.9EPSS: 0%CPEs: 27EXPL: 0

VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory. VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilación 385536 en Linux podría permitir a usuarios locales conseguir privilegios a través de un caballo de Troya en una librería compartida en un directorio especificado. • http://lists.vmware.com/pipermail/security-announce/2011/000131.html http://secunia.com/advisories/43885 http://secunia.com/advisories/43943 http://securityreason.com/securityalert/8173 http://securitytracker.com/id?1025270 http://www.securityfocus.com/archive/1/517240/100/0/threaded http://www.securityfocus.com/bid/47094 http://www.vmware.com/security/advisories/VMSA-2011-0006.html http://www.vupen.com/english/advisories/2011/0816 https://exchange.xforce.ibmcloud.com/vulnerabilities/664 • CWE-264: Permissions, Privileges, and Access Controls •