VMware patches denial of service vulnerability in its hypervisors

Summary:VMware has patched a vulnerability in its hypervisors that could be exploited to help mount a denial of service attack.

Virtualisation company VMware has patched a vulnerability in its hypervisors that could be exploited in a denial of service (DoS) attack.

VMWare's ESX and ESXi hypervisors contain a vulnerability, designated as CVE-2013-1661 by the Common Vulnerabilities and Exposures project, in how they implement the Network File Copy (NFC) protocol.

An unhandled exception when the hypervisors use the NFC protocol could be exploited to help mount a DoS attack. To exploit the vulnerability an attacker would need to intercept and modify NFC traffic between the ESX/ESXi hypervisors and the client machine.

The vulnerability was found in VMware ESXi 5.1 5.0, 4.1 and 4.0 and ESX 4.1 and 4.0. Details of how to patch this flaw can be found in VMware's security advisory.

Further reading about virtualisation security

Topics: Security, Cloud, Virtualization


Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.