VMware ESX Server Multiple Command Unprivileged Local DoS

2005-12-09T03:06:20
ID OSVDB:21584
Type osvdb
Reporter OSVDB
Modified 2005-12-09T03:06:20

Description

Vulnerability Description

VMWare ESX Server contains a flaw that may allow a local denial of service. An unprivileged user can execute the 'halt', 'poweroff' and 'reboot' scripts from the service console, which will result in loss of availability for the service.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by removing the 'halt', 'poweroff' and 'reboot' files in the '/etc/security/console.apps' directory.

Short Description

VMWare ESX Server contains a flaw that may allow a local denial of service. An unprivileged user can execute the 'halt', 'poweroff' and 'reboot' scripts from the service console, which will result in loss of availability for the service.

References:

Vendor Specific Advisory URL CVE-2005-4773