CVE-2005-4459

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0540%

EPSS Percentile2.55th

PublishedDec 21, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

Affected Platforms (CPE)

📦

Vmware

Ace

= 1.0

📦

Vmware

Gsx Server

= 2.0

📦

Vmware

Gsx Server

= 2.0.1_build_2129

📦

Vmware

Gsx Server

= 2.5.1

📦

Vmware

Gsx Server

= 2.5.1_build_5336

📦

Vmware

Gsx Server

= 2.5.2

📦

Vmware

Gsx Server

= 3.0

📦

Vmware

Gsx Server

= 3.0_build_7592

📦

Vmware

Gsx Server

= 3.1

📦

Vmware

Gsx Server

= 3.2

📦

Vmware

Player

= 1.0.0

📦

Vmware

Workstation

= 3.2.1

📦

Vmware

Workstation

= 3.4

📦

Vmware

Workstation

= 4.0

📦

Vmware

Workstation

= 4.0.1

📦

Vmware

Workstation

= 4.0.2

📦

Vmware

Workstation

= 4.5.2

📦

Vmware

Workstation

= 4.5.2_build_8848

📦

Vmware

Workstation

= 5.0.0_build_13124

📦

Vmware

Workstation

= 5.5

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html

🔗 http://secunia.com/advisories/18162

🔗 http://secunia.com/advisories/18344

🔗 http://securityreason.com/securityalert/282

🔗 http://securityreason.com/securityalert/289

🔗 http://securitytracker.com/id?1015401

🔗 http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml

🔗 http://www.kb.cert.org/vuls/id/856689

Vulnerability Description

Affected Platforms (CPE)

Ace

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Player

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

References & Advisories

Related Vulnerabilities