CVE-2005-4459
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.951 High
EPSS
Percentile
99.3%
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
References
lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html
secunia.com/advisories/18162
secunia.com/advisories/18344
securityreason.com/securityalert/282
securityreason.com/securityalert/289
securitytracker.com/id?1015401
www.gentoo.org/security/en/glsa/glsa-200601-04.xml
www.kb.cert.org/vuls/id/856689
www.securityfocus.com/archive/1/419997/100/0/threaded
www.securityfocus.com/archive/1/420017/100/0/threaded
www.securityfocus.com/bid/15998
www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=2000
www.vupen.com/english/advisories/2005/3013
Related
7.8 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.951 High
EPSS
Percentile
99.3%