BID:53371

VMware ESX NFS Traffic Remote Code Execution Vulnerability

Info

VMware ESX NFS Traffic Remote Code Execution Vulnerability

Bugtraq ID:	53371
Class:	Boundary Condition Error
CVE:	CVE-2012-2448
Remote:	Yes
Local:	No
Published:	May 03 2012 12:00AM
Updated:	May 03 2012 12:00AM
Credit:	The vendor
Vulnerable:	VMWare ESXi 5.0 VMWare ESXi 4.1 VMWare ESXi 4.0 VMWare ESXi 3.5 VMWare ESX 4.1 VMWare ESX 4.0 VMWare ESX 3.5

Not Vulnerable:

Discussion

VMware ESX NFS Traffic Remote Code Execution Vulnerability

VMware ESX is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code on the host operating system. Successful attacks may completely compromise the affected computer.

Exploit / POC

VMware ESX NFS Traffic Remote Code Execution Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

VMware ESX NFS Traffic Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

VMware ESX NFS Traffic Remote Code Execution Vulnerability

References:

VMware Homepage (VMware)