VMware ESXi 5.0 Memory Corruption Vulnerability

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-37064	2013-A-0054	SV-48825r1_rule	ECMT-1 ECMT-2 VIVM-1	High

Description
VMware has released a security advisory addressing a memory corruption vulnerability affecting VMware ESXi 5.0. To exploit this vulnerability, an attacker would intercept and modify the NFC traffic between vCenter Server and the client or ESXi/ESX and the client. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code. <br><br> At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

Description

VMware has released a security advisory addressing a memory corruption vulnerability affecting VMware ESXi 5.0. To exploit this vulnerability, an attacker would intercept and modify the NFC traffic between vCenter Server and the client or ESXi/ESX and the client. If successfully exploited, this vulnerability would allow an attacker to execute arbitrary code. <br><br> At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

STIG	Date
VMware ESXi Server 5.0 Security Technical Implementation Guide	2013-09-12

Details

Check Text ( None )
None

Fix Text (None)
None