9 matches found
VMSA-2008-0015 : Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
a. Updated Openwsman Openwsman is a system management platform that implements the Web Services Management protocol WS-Management. It is installed and running by default. It is used in the VMware Management Service Console and in ESXi. The openwsman 2.0.0 management service on ESX 3.5 and ESXi 3....
Openwsman HTTP Basic Authentication Buffer Overflow (CVE-2008-2234)
Openwsman is an implementation of Web Services Management WS-Management specification. It uses the WS-Management protocol, which is a SOAP-based protocol using HTTP for exchange of information related to management of devices and applications in a platform independent manner. There exists a stack...
VMSA-2008-0015:Updated ESXi and ESX 3.5 packages address CRITICAL security issue in openwsman
VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0015 VMware Security AdvisorySynopsis: Updated ESXi and ESX 3.5 packages address critical security issue in openwsman VMware Securi...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2008-0015 Synopsis: Updated ESXi and ESX 3.5 packages address critical security issue in openwsman Issue date: 2008-09-18 Updated on:...
openSUSE 10 Security Update : libwsman-devel (libwsman-devel-5531)
This update of openwsman fixes several security vulnerabilities found by the SuSE Security-Team : - remote buffer overflows while decoding the HTTP basic authentication header CVE-2008-2234 - a possible SSL session replay attack affecting the client depending on the configuration CVE-2008-2233...
CVE-2008-2234
CVE-2008-2234 : Openwsman 1.2.0 and 2.0.0 contain remote buffer overflows when decoding the HTTP Basic Authentication header, allowing arbitrary code execution. VMware advisory notes remote code execution via Openwsman in ESXi/ESX 3.5 (patched to 2.0.0); NOS patches upgrade to Openwsman 2.1.0+ (E...