CVE Reference: CVE-2008-2097

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-2097

Description:
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/42875

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html

ST
  1020199

SREASON
  http://securityreason.com/securityalert/3922

SAID
  Secunia Advisory: SA30556
  Secunia Advisory: SA30581

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5759
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5640

CONFIRM
  http://www.vmware.com/security/advisories/VMSA-2008-0009.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/493080/100/0/threaded

BID
  29547


Return to the previous page.