/>
X
Innovation

VMWare issues 'critical' ESXi security advisory

VMware has released new ESXi and ESX 3.5 packages to fix a "critical" security issue that allows a remote, unauthenticated attacker to launch harmful code on the host running the hypervisor.
Written by Ryan Naraine, Contributor on
VMWare issues ‘critical’ security advisory
VMware has released new ESXi and ESX 3.5 packages to fix a "critical" security issue that allows a remote, unauthenticated attacker to launch harmful code on the host running the hypervisor.

According to this VMWare advisory, the patches fix two remote buffer overflows in the handling of HTTP basic authentication headers.

  • This vulnerability could potentially be exploited by users without valid login credentials.

The vulnerability exists in the "Openwsman" system management platform which is enabled by default in ESX to implement the Web Services Management protocol (WS-Management).

Editorial standards

Related

These are my 5 must-have devices for work travel now
ipad-mini-firewalla-purple-macbook-air

These are my 5 must-have devices for work travel now

What is ChatGPT and why does it matter? Here's what you need to know
chat bot

What is ChatGPT and why does it matter? Here's what you need to know

Stack Overflow temporarily bans answers from OpenAI's ChatGPT chatbot
Developers discussing something on a laptop

Stack Overflow temporarily bans answers from OpenAI's ChatGPT chatbot