VMware patches denial of service vulnerability in its hypervisors

VMware patches denial of service vulnerability in its hypervisors

Summary: VMware has patched a vulnerability in its hypervisors that could be exploited to help mount a denial of service attack.

SHARE:

Virtualisation company VMware has patched a vulnerability in its hypervisors that could be exploited in a denial of service (DoS) attack.

VMWare's ESX and ESXi hypervisors contain a vulnerability, designated as CVE-2013-1661 by the Common Vulnerabilities and Exposures project, in how they implement the Network File Copy (NFC) protocol.

An unhandled exception when the hypervisors use the NFC protocol could be exploited to help mount a DoS attack. To exploit the vulnerability an attacker would need to intercept and modify NFC traffic between the ESX/ESXi hypervisors and the client machine.

The vulnerability was found in VMware ESXi 5.1 5.0, 4.1 and 4.0 and ESX 4.1 and 4.0. Details of how to patch this flaw can be found in VMware's security advisory.

Further reading about virtualisation security

Topics: Security, Cloud, Virtualization

About

Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion