Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3707

Severity: 5.0 MEDIUM
EPSS: 21.3% (top 4.32%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline
Published: Oct 16
Latest update: May 2

Description

VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "for

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (4 packages)

NVD | vmware/player | 7 versions +6
NVD | vmware/server | 2.0.0, 2.0.1, 2.0.2 +2
NVD | vmware/workstation | 7 versions +6
NVD | vmware/ace | 7 versions +6

🔴 Vulnerability Details (2)

GHSA | GHSA-47pm-rhm6-w3xc: VMware Authentication Daemon 1 | 2022-05-02
CVEList | CVE-2009-3707: VMware Authentication Daemon 1 | 2009-10-16

💥 Exploits & PoCs (1)

Exploit-DB | VMware Player / VMware Workstation 6.5.3 - 'VMware-authd' Remote Denial of Service | 2009-10-07
CVE-2009-3707 (MEDIUM CVSS 5) | VMware Authentication Daemon 1.0 in | cvebase.io