VMWare GSX Server Authentication Server Buffer Overflow Vulnerability

VMWare GSX Server ships with an authentication server. The server is vulnerable to a buffer overflow related to handling of the argument to the "GLOBAL" command. While attackers must be authenticated before the command can be issued, default accounts may exist. This has not been confirmed by VMWare.

This condition may be exploited to execute arbitrary code on the GSX server host. The code likely executes on the underlying, native system and may compromise the host entirely (including all virtual systems).


Privacy Statement
Copyright 2010, SecurityFocus