[SingCERT] VMware ESX and ESXi Multiple Security Bypass and Denial of Service
- Published on Thursday, 10 March 2011 09:58
[ Summary ]
Multiple vulnerabilities have been identified in VMware ESX and ESXi.
These vulnerabilities are caused by errors in SLPD, bind, pam, and rpm. For example, a remote attacker can send specially crafted data to cause the target Service Location Protocol daemon (SLPD) to enter an infinite loop and consume excessive CPU resources.
[ Affected Systems ]
- VMware ESXi version 4.1
- VMware ESXi version 4.0
- VMware ESX version 4.1
- VMware ESX version 4.0
[ Solution/Workaround ]
[ Reference ]