VMware Fixes DoS Vulnerability

Wednesday, September 4, 2013 @ 08:09 PM gHale


VMware updated VMware ESXi and ESX to fix a Network File Copy (NFC) protocol unhandled exception vulnerability that can force the user to suffer through a denial-of-service (DoS) attack.

“VMware ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between ESXi/ESX and the client. Exploitation of the issue may lead to a Denial of Service,” said the VMware advisory.

RELATED STORIES
VMware Fills Hole in Workstation, Player
Cisco Patches Vulnerabilities in UCM
Poison Ivy Variant Avoids Detection
Microsoft Offers Fix for IE 8 Bug

ESXi versions 4.0, 4.1, 5.0 and 5.1, and ESX versions 4.0 and 4.0 suffer from the issue. vCenter Server, VMware Workstation, Player, ACE and Fusion are not affected.

Alex Chapman of Context Information discovered and reported the security hole.

The patches are available on the VMware website.



Leave a Reply

You must be logged in to post a comment.