Denial of Service Vulnerability in VMware Workstation and Player
CVE-2009-4811

Currently unrated

Key Information:

Vendor: Vmware
Status: Player; Ace; Workstation; Server
Vendor: CVE Published:; 27 April 2010

Summary

A vulnerability in the VMware Authentication Daemon can lead to a denial of service condition. Attackers can exploit this flaw by sending a specific sequence of bytes in the USER and PASS commands, leading to a process crash. This impacts several VMware products, including Workstation, Player, ACE, and Server, prior to their respective patched versions. Organizations using these services should assess their systems and apply the necessary updates to protect against potential exploitation.

References

http://security.gentoo.org/glsa/glsa-201209-25.xml

vendor-advisoryx_refsource_GENTOO

http://www.securityfocus.com/bid/36630

vdb-entryx_refsource_BID

http://www.vmware.com/security/advisories/VMSA-2010-0007....

x_refsource_MISC

Timeline

Vulnerability published
Apr 27, 2010
Vulnerability Reserved
Apr 27, 2010