/>
X
Tech
Home Tech Security

VMWare issues 'critical' ESXi security advisory

VMware has released new ESXi and ESX 3.5 packages to fix a "critical" security issue that allows a remote, unauthenticated attacker to launch harmful code on the host running the hypervisor.
Written by Ryan Naraine, Contributor on
VMWare issues ‘critical’ security advisory
VMware has released new ESXi and ESX 3.5 packages to fix a "critical" security issue that allows a remote, unauthenticated attacker to launch harmful code on the host running the hypervisor.

According to this VMWare advisory, the patches fix two remote buffer overflows in the handling of HTTP basic authentication headers.

  • This vulnerability could potentially be exploited by users without valid login credentials.

The vulnerability exists in the "Openwsman" system management platform which is enabled by default in ESX to implement the Web Services Management protocol (WS-Management).

Editorial standards
Show Comments

Related

Picture of iPhone 15 Pro Max's new USB-C port

The iPhone 15 Pro has a weird USB-C charging problem

A young man and a young woman using OnePlus 10 Pro smartphones to take selfies

The best USB-C cables for the iPhone 15: What the experts recommend

abstract AI

Generative AI will far surpass what ChatGPT can do. Here's everything on how the tech advances