86 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2008-2100
CVE-2008-2100 corresponds to VMware VIX API Multiple Buffer Overflow Vulnerabilities (VMSA-2008-0009). It affects VIX API 1.1.x before 1.1.4 build 93057 across host products (VMware Workstation 5.x/6.x, VMware Player 1.x/2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, ...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2013-3519
CVE-2013-3519 concerns a privilege-escalation flaw in VMware’s LGTOSYNC.SYS driver. A crafted memory allocation could allow a guest OS user to gain guest-OS privileges on 32-bit Windows guests. Affected products/versions (per VMSA-2013-0014 and associated advisories): VMware Workstation 9.x befor...
CVE-2009-3733
CVE-2009-3733 describes a directory traversal vulnerability in VMware Server 1.x (before 1.0.10 build 203137) and 2.x (before 2.0.2 build 203138) on Linux, plus VMware ESXi 3.5 and VMware ESX 3.0.3/3.5. The issue allows remote attackers to read arbitrary files via unspecified vectors. Connected s...
CVE-2009-3547
CVE-2009-3547 refers to multiple race conditions in fs/pipe.c of the Linux kernel before 2.6.32-rc6. The flaws can allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by opening an anonymous pipe via a /proc/*/fd/ pathname. A fix is availa...
CVE-2010-3081
CVE-2010-3081 describes a local privilege-escalation in the Linux kernel’s 64-bit compat layer due to missing sanity checks in compat_alloc_user_space, enabling a local user to abuse compat_mc_getsockopt controlling a length value. Affected: kernel 2.6.x before 2.6.36-rc4-git2 on 64-bit platforms...
CVE-2013-1406
CVE-2013-1406 affects VMware VMCI in vmci.sys across VMware Workstation (8.x before 8.0.5; 9.x before 9.0.1), VMware Fusion (4.1 before 4.1.4; 5.0 before 5.0.2), VMware View (4.x before 4.6.2; 5.x before 5.1.2), VMware ESXi/ESX (4.0–5.1). Root cause: improper restriction of memory allocation by V...
CVE-2012-5703
CVE-2012-5703 affects VMware ESXi 4.1 / ESX 4.1 via the vSphere API. The vulnerability arises from improper handling of certain SOAP requests in RetrieveProp and RetrievePropEx, allowing remote attackers to cause a denial-of-service (host daemon crash). Exploitation is described as remote and una...
CVE-2009-2416
CVE-2009-2416 is a use-after-free in libxml2 (versions 2.5.10, 2.6.16, 2.6.26, 2.6.27, 2.6.32) and libxml 1.8.17 triggered by crafted Notation/Enumeration attribute types in a DTD; leads to denial of service (application crash). Related CVE-2009-2414 is a stack-growth DoS via deep DTD structures....
CVE-2010-4655
CVE-2010-4655 affects the Linux kernel’s net/core/ethtool.c, where uninitialized data structures in ethtool ioctl handling could allow a local user with CAP_NET_ADMIN to leak information from kernel heap memory. The initial description specifies the vulnerability exists in kernel builds before 2....
CVE-2010-2798
The CVE-2010-2798 entry concerns the Linux kernel prior to 2.6.35, where gfs2_dirent_find_space uses an incorrect size value in calculations related to sentinel directory entries. This can allow local attackers to trigger a denial of service via a NULL pointer dereference and kernel panic, with a...
CVE-2009-1244
CVE-2009-1244 is a VMware-hosted products issue where a guest OS could execute code on the host via the virtual machine display function. Affected products include VMware Server/Player/Workstation and related hosted ESX/ESXi components (as described in the CVE record). The root cause is described...
CVE-2009-3080
CVE-2009-3080 affects the Linux kernel gdth driver (gdth_read_event in drivers/scsi/gdth.c). In kernels before 2.6.32-rc8, a negative event index in an IOCTL can allow local users to cause a denial of service or potentially gain privileges. MiracleLinux advisories cite this CVE as part of affecte...
CVE-2009-2848
CVE-2009-2848 is confirmed in connected material as applicable to MiracleLinux kernel package 2.6.18-128.10AXS3, aligning with the Linux kernel vulnerability where execve does not properly clear current->clear_child_tid during thread creation/exit. This misbehavior can enable local users to ca...
CVE-2009-0034
CVE-2009-0034 affects sudo 1.6.9p17–1.6.9p19; parse.c does not properly interpret a system group (%group) in the sudoers file during authorization for a user in that group, enabling local users to gain root privileges via sudo. This is a local privilege escalation vulnerability. The connected Nes...
CVE-2009-1072
CVE-2009-1072 affects the Linux kernel prior to 2.6.28.9. nfsd in the kernel does not drop the CAP_MKNOD capability before handling a user request in a thread, enabling local users on an exported filesystem using root_squash to create device nodes. MiracleLinux 3 lists this as fixed in kernel-2.6...
CVE-2009-3621
The CVE-2009-3621 issue affects the Linux kernel up to version 2.6.31.4 and earlier, specifically in net/unix/af_unix.c. The vulnerability allows a local attacker to cause a denial of service (system hang) by: (1) creating an abstract-namespace AF_UNIX listening socket, (2) performing a shutdown ...
CVE-2010-4526
CVE-2010-4526 describes a race condition in the Linux kernel between 2.6.11-rc2 and 2.6.33 in sctp_icmp_proto_unreachable (net/sctp/input.c). An ICMP Unreachable to a socket that is already locked by a user can free the socket and trigger list corruption via sctp_wait_for_connect, enabling remote...
CVE-2009-2267
CVE-2009-2267 affects VMware products (Workstation, Player, ACE, Server, Fusion, ESXi/ESX) where Virtual-8086 mode is used. The root cause is an improper setting of the exception code on a page fault (#PF), allowing guest OS users to gain privileges on the guest OS by supplying a crafted value fo...
CVE-2010-2942
CVE-2010-2942 affects the Linux kernel prior to 2.6.36-rc2. The issue arises in the actions implementation of network queueing: several tcf_*_dump routines (tcf_gact_dump, tcf_mirred_dump, tcf_nat_dump, tcf_simp_dump, tcf_skbedit_dump) do not properly initialize certain structure members during d...
CVE-2010-3078
The CVE-2010-3078 issue affects the Linux kernel (xfs_ioc_fsgetxattr) where a structure member is not initialized, enabling local attackers to read potentially sensitive data from kernel stack memory via an ioctl. This vulnerability is documented in MiracleLinux AXSA-2010-500:18 and is fixed in 2...
CVE-2010-2524
CVE-2010-2524 affects the Linux kernel CIFS DNS upcall: when CONFIG_CIFS_DFS_UPCALL is enabled, DNS resolution relies on a user keyring via the dns_resolver upcall in the cifs.upcall userspace helper. This allows local privileged or nearby users to spoof DNS query results and mount arbitrary CIFS...
CVE-2010-4251
CVE-2010-4251 affects the Linux kernel up to version 2.6.34. The vulnerability lies in the socket backlog handling in net/core/sock.c, which allows remote attackers to cause memory exhaustion DoS by sending大量 network traffic (e.g., UDP via netperf). The issue is addressed by the 2.6.34 changelog ...
CVE-2010-2492
CVE-2010-2492 affects the Linux kernel’s eCryptfs component: a buffer overflow in the ecryptfs_uid_hash macro (fs/ecryptfs/messaging.c) could allow local privilege escalation or a denial of service. The MiracleLinux AXSA advisory lists this CVE among kernel issues and specifies the flaw occurs in...
CVE-2009-1630
CVE-2009-1630 affects the Linux kernel nfs client: the nfs_permission function in fs/nfs/dir.c (kernel 2.6.29.3 and earlier) does not check execute (MAY_EXEC) permission bits when atomic_open is available. This allows local users to bypass permissions and execute files, as demonstrated by files o...
CVE-2010-2943
CVE-2010-2943 affects the Linux kernel's XFS implementation up to version 2.6.34, where inode allocation B-trees are not consulted before reading inode buffers. This allows remote authenticated users to read unlinked files or read/overwrite disk blocks that were previously allocated to an unlinke...
CVE-2010-4263
The CVE-2010-4263 issue involves the Intel igb driver (drivers/net/igb/igb_main.c) in the Linux kernel and its handling of VLAN-tagged frames when SR-IOV and promiscuous mode are enabled but no VLANs are registered. In kernels before 2.6.34, processing such frames could trigger a NULL pointer der...
CVE-2008-3281
libxml2 up to version 2.6.32 is affected by CVE-2008-3281 due to improper detection of recursion during entity expansion in an attribute value, enabling a denial-of-service via crafted XML (memory and CPU consumption). The Gentoo GLSA confirms this, and recommends upgrading to libxml2 >= 2.7.2...
CVE-2010-2066
CVE-2010-2066 affects the Linux kernel up to version 2.6.34. The flaw is in fs/ext4/move_extent.c: the mext_check_arguments routine, which can allow a local attacker to overwrite an append-only file when using the MOVE_EXT ioctl and designating that file as the donor. The issue arises from insuff...
CVE-2009-0778
CVE-2009-0778 affects the Linux kernel prior to 2.6.25 when configured as a router with a REJECT route. The icmp_send code in net/ipv4/icmp.c can mishandle the Protocol Independent Destination (DST) cache, potentially leaking DST state and allowing remote attackers to cause a denial of service (c...
CVE-2014-1207
CVE-2014-1207 affects VMware ESXi/ESX: versions ESXi 4.0–5.1 and ESX 4.0–4.1 are vulnerable via a NULL pointer dereference in NFC traffic handling, allowing remote attackers to cause a denial of service by intercepting/modifying NFC traffic. The issue is evidenced in multiple sources (NVD entry a...
CVE-2012-1516
Vulnerability CVE-2012-1516 affects VMware VMX RPC handling in ESXi/ESX 3.5–4.1 (and related Workstation/Player components). A guest user could cause a denial of service or, potentially, execute code on the host via data-pointer related paths. Exploitation relies on triggering problematic RPC han...
CVE-2010-4297
CVE-2010-4297 describes an OS command injection flaw in the VMware Tools update functionality that affects multiple VMware products (Workstation, Player, Fusion, ESXi/ESX/Server, etc.). The root cause is improper validation of user-supplied input during tool update, allowing a local host user to ...
CVE-2008-4915
CVE-2008-4915 documents a privilege-escalation flaw in CPU hardware emulation across VMware products (Workstation, Player, Server, ESX/ESXi, and related variants) when running 32/64-bit guest OS. The trap-flag handling flaw allows an authenticated guest OS user to gain privileges on the guest OS....
CVE-2011-2145
CVE-2011-2145 affects VMware Tools HGFS. When a Solaris or FreeBSD guest OS is used, mount.vmhgfs in the Host/Guest File System can allow a guest OS user to write to arbitrary guest files via unspecified vectors due to a procedural error. Affected products and versions (from VMware/VMware Tools r...
CVE-2012-1508
CVE-2012-1508 affects the XPDM display driver in VMware products (ESXi/ESX 4.0–4.1 and 5.0; View prior to 4.6.1). The issue is a NULL pointer dereference in the XPDM/WDDM display stack that can allow guest-OS privilege escalation or cause a guest-OS denial of service via unspecified vectors. Conn...
CVE-2008-4917
CVE-2008-4917 is a memory corruption issue in VMware VM hardware where a guest can trigger an arbitrary physical-memory write, affecting VMware Workstation 5.5.8 and earlier, 6.x, VMware Player 1.0.8 and 2.x, VMware Server 1.0.9 and earlier, and ESXi/ESX 3.x. Root cause: mis-handling of a guest-t...
CVE-2007-0063
CVE-2007-0063 affects the DHCP server in VMware-related products (Workstation, Player, ACE, Server) prior to the listed builds. An integer underflow in the DHCP server can trigger a stack-based buffer overflow when processing malformed DHCP packets, enabling remote code execution. Mitigation in t...
CVE-2010-1142
CVE-2010-1142 affects VMware Tools across multiple VMware products (Workstation 6.5.x before 6.5.4, Player 2.5.x before 2.5.4, ACE 2.5.x before 2.5.4, Server 2.x before 2.0.2, Fusion 2.x before 2.0.6, ESXi/ESX family) where Windows guest users could gain privileges by placing a Trojan horse on th...
CVE-2010-4343
CVE-2010-4343 affects the Linux kernel, where drivers/scsi/bfa/bfa_core.c may fail to initialize a port data structure in fc_host, enabling a local user to crash the system by reading the fc_host statistics file. This is fixed in kernel versions starting with 2.6.35 (i.e., patched in 2.6.35+). Ev...
CVE-2014-1208
CVE-2014-1208 affects VMware products including Workstation 9.x (before 9.0.1), Player 5.x (before 5.0.1), Fusion 5.x (before 5.0.1), ESXi 4.0–5.1, and ESX 4.0–4.1. Root cause: handling of invalid port in VMX/ NFC path leads to guest-user–triggered denial of service (VMX process disruption). Impa...
CVE-2007-5671
CVE-2007-5671 is a VMware Tools local privilege-escalation issue in the guest HGFS driver (HGFS.sys) present in VMware Workstation/Player/ACE/Server and ESX/ESXi components. The flaw arises from improper validation of arguments to user-mode IOCTLs to .\hgfs, enabling a guest user to modify kernel...
CVE-2012-1510
CVE-2012-1510 refers to a buffer overflow in the VMware WDDM display driver affecting VMware ESXi/ESX (4.0, 4.1, 5.0) and VMware View prior to 4.6.1. Exploitation could allow a guest OS user to gain guest OS privileges via unspecified vectors. The connected advisories confirm the issue and map it...
CVE-2011-1787
The CVE-2011-1787 issue is a race condition in VMware HGFS (mount.vmhgfs) within the Host-Guest File System. Affected products include VMware Workstation 7.1.x (prior to 7.1.4), VMware Player 3.1.x (prior to 3.1.4), VMware Fusion 3.1.x (prior to 3.1.3), VMware ESXi 3.5–4.1, and VMware ESX 3.0.3–4...
CVE-2013-1405
CVE-2013-1405 affects multiple VMware products (vCenter Server, VirtualCenter, vSphere Client, VI-Client, ESXi/ESX 3.5–4.1). A flaw in the management authentication protocol allows remote servers to trigger code execution or memory corruption via unspecified vectors. VMware’s VMSA-2013-0001 descr...
CVE-2013-1661
CVE-2013-1661 affects VMware ESXi 4.0–5.1 and ESX 4.0–4.1, where the NFC protocol handling can be exploited by MITM to trigger a denial of service (unhandled exception and crash). The issue stems from improper NFC data stream processing. VM advisories (VMSA-2013-0011) document affected releases a...
CVE-2009-1805
CVE-2009-1805 concerns the VMware Descheduled Time Accounting DoS vulnerability. The issue affects multiple VMware products where the Descheduled Time Accounting Service is not running inside a Windows guest, allowing a guest OS user to cause a denial of service via unknown vectors. Affected prod...
CVE-2008-0967
CVE-2008-0967 describes a local privilege escalation in vmware-authd due to an untrusted library search path. A local user can gain privileges by manipulating a library path option in a configuration file. Affected products include VMware Workstation 5.x (before 5.5.7 build 91707), VMware Worksta...
CVE-2012-1515
CVE-2012-1515 is a VMware ROM-overwrite privilege-escalation issue affecting ESXi/ESX 3.5, 4.0, and 4.1 due to incorrect handling of port-based I/O. The flaw allows a guest OS user to overwrite memory in the read-only VDM ROM, enabling guest Privileges escalation. The issue is documented in VMwar...