VMware GSX Server detected
Created 8/6/02
CVE 2002-0814
Impact
A buffer overflow vulnerability in VMware GSX Server's Authorization
Service included with version 2.0.0. build 2050 for Windows could allow
a remote attacker (with a valid user name and password) to execute
arbitrary code on the system.
Background
VMware GSX Server
is software that allows you to simultaneously run multiple virtual machines
(self-contained, independent guest Operating Systems running on the host OS)
on a single hardware platform. It also allows remote administration of the
virtual machines. The VMware Remote Console communicates with the VMware
GSX Server, after first performing handshake operations with the VMware
Authentication Daemon.
The Problem
A buffer overflow condition in the VMware Authorization Service could
allow a remote attacker to execute arbitrary code on the system.
Only the Windows version of VMware GSX Server 2.0.0 build 2050 is vulnerable.
Resolution
Install the appropriate patch from the vendor.
Where can I read more about this?
For more information, see the original posting on Bugtraq, and VMware's response.