UC知道英文翻译,不要用翻译软件翻译
来源:百度知道 编辑:UC知道 时间:2024/06/17 15:15:41
Description:
Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system.
1) An unspecified error can be exploited by a user with administrative privileges in the guest system to cause a memory corruption on a certain host process.
Successful exploitation may allow execution of arbitrary code on the host system.
2) An unspecified error can be exploited within the guest system to cause a host process to crash.
The vulnerabilities affect VMWare ESX 3.0.1, 3.0.0, 2.5.4, 2.5.3, 2.1.3, and 2.0.2, VMWare Workstation 6.0.0 and 5.5.4, VMWare Player 2.0.0 and 1.0.4, VMWare Server 1.0.3, and VMWare ACE 2.0.0 and 1.0.3.
3) An integer underflow error in the DHCP server can be exploited to cause a stack-based buffer overflow via a specially crafted DHCP packet.
Multiple vulnerabilities have been reported in various VMware products, which can be exploited by malicious, local users to gain escalated privileges or cause a DoS (Denial of Service) or by malicious people to compromise a vulnerable system.
1) An unspecified error can be exploited by a user with administrative privileges in the guest system to cause a memory corruption on a certain host process.
Successful exploitation may allow execution of arbitrary code on the host system.
2) An unspecified error can be exploited within the guest system to cause a host process to crash.
The vulnerabilities affect VMWare ESX 3.0.1, 3.0.0, 2.5.4, 2.5.3, 2.1.3, and 2.0.2, VMWare Workstation 6.0.0 and 5.5.4, VMWare Player 2.0.0 and 1.0.4, VMWare Server 1.0.3, and VMWare ACE 2.0.0 and 1.0.3.
3) An integer underflow error in the DHCP server can be exploited to cause a stack-based buffer overflow via a specially crafted DHCP packet.
描述:
多个漏洞已经报道,在各个VMware产品,它可以利用这个漏洞,本地用户获得升级的特权或事业在DOS (拒绝服务)或恶意的人作出妥协,一个脆弱的系统。
1 )未指定的错误可以利用由用户与行政特权,在客户系统,导致记忆腐败对某个主机进程。
成功地利用可能允许执行任意代码对主机系统。
2 )未指定的错误可以利用内部客户制度,导致主机进程崩溃。
该漏洞影响的VMware esx 3.0.1 , 3.0.0 , 2.5.4 , 2.5.3 , 2.1.3 , 2.0.2 , VMware工作站6.0.0和5.5.4 , VMware的播放器2.0.0和1.0.4 , VMware服务器1.0.3 ,和VMware王牌2.0.0和1.0.3 。
3 )一个整数底错误,在DHCP伺服器可以被利用来造成堆栈为基础的缓冲区溢出通过一个特制的DHCP数据包。
4 )一个整数溢出错误,在DHCP伺服器可以被利用来造成堆栈为基础的缓冲区溢出通过一个特制的DHCP数据包。
5 )处理不当,畸形的DHCP数据包可以被利用来执行任意代码,通过一个特制的DHCP数据包。
成功利用这些漏洞允许执行任意代码。
6 )不适当的开始,注册服务可以被利用来获得升级的特权。
该漏洞影响VMware工作站6.0.0和5.5.4 , VMware的播放器2.0.0和1.0.4 , VMware服务器1.0.3 ,和VMware王牌2.0.0和1.0.3 。
你是否有此产品已安装在您的家用电脑呢?扫描使用免费个人软件的督察。检查如果一个脆弱的版本是计算机上安装在您的企业网络,扫描使用的网络软件督察。