CVE-2005-4459

CWE-119 — Buffer Overflow3 documents3 sources

Severity

10.0CRITICAL

EPSS

63.4%

top 1.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ACE Vmware GSX Server Vmware Player +1 more

Timeline

PublishedDec 21

Latest updateMay 1

Description

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶NVDvmware/player1.0.0

▶NVDvmware/gsx_server9 versions+8

▶NVDvmware/workstation9 versions+8

▶NVDvmware/ace1.0

Patches

Patch: secunia.com ↗Patch: www.securityfocus.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-pqx2-mg4c-9g67: Heap-based buffer overflow in the NAT networking components vmnat↗2022-05-01

▶

CVEList

CVE-2005-4459: Heap-based buffer overflow in the NAT networking components vmnat↗2005-12-21

▶