VMware "vmware-authd" Denial Of Service Vulnerability

2011年2月4日

危険度: : 中

CVE識別番号: CVE-2009-0177

概要

vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.

トレンドマイクロの対策

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

影響を受けるソフトウェア

vmware vmware_player 1.0.0
vmware vmware_player 1.0.1
vmware vmware_player 1.0.2
vmware vmware_player 1.0.3
vmware vmware_player 1.0.4
vmware vmware_player 1.0.6
vmware vmware_player 1.0.7
vmware vmware_player 1.0.8
vmware vmware_player 1.0.9
vmware vmware_player 1.05
vmware vmware_player 2.0
vmware vmware_player 2.0.1
vmware vmware_player 2.0.2
vmware vmware_player 2.0.3
vmware vmware_player 2.0.4
vmware vmware_player 2.0.5
vmware vmware_player 2.5
vmware vmware_player 2.5.1
vmware vmware_workstation 4.5.3
vmware vmware_workstation 5.0
vmware vmware_workstation 5.5.0
vmware vmware_workstation 5.5.1
vmware vmware_workstation 5.5.2
vmware vmware_workstation 5.5.3
vmware vmware_workstation 5.5.4
vmware vmware_workstation 5.5.5
vmware vmware_workstation 5.5.6
vmware vmware_workstation 5.5.7
vmware vmware_workstation 5.5.8
vmware vmware_workstation 6.0
vmware vmware_workstation 6.0.1
vmware vmware_workstation 6.0.2
vmware vmware_workstation 6.0.3
vmware vmware_workstation 6.0.4
vmware vmware_workstation 6.0.5
vmware vmware_workstation 6.5
vmware vmware_workstation 6.51