CVE-2005-4459

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0540%

EPSS Percentile2.55th

Published2005年12月21日

Last Modified2026年4月16日

Vulnerability Description

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

Affected Platforms (CPE)

📦

Vmware

Ace

= 1.0

📦

Vmware

Gsx Server

= 2.0

📦

Vmware

Gsx Server

= 2.0.1_build_2129

📦

Vmware

Gsx Server

= 2.5.1

📦

Vmware

Gsx Server

= 2.5.1_build_5336

📦

Vmware

Gsx Server

= 2.5.2

📦

Vmware

Gsx Server

= 3.0

📦

Vmware

Gsx Server

= 3.0_build_7592

📦

Vmware

Gsx Server

= 3.1

📦

Vmware

Gsx Server

= 3.2

📦

Vmware

Player

= 1.0.0

📦

Vmware

Workstation

= 3.2.1

📦

Vmware

Workstation

= 3.4

📦

Vmware

Workstation

= 4.0

📦

Vmware

Workstation

= 4.0.1

📦

Vmware

Workstation

= 4.0.2

📦

Vmware

Workstation

= 4.5.2

📦

Vmware

Workstation

= 4.5.2_build_8848

📦

Vmware

Workstation

= 5.0.0_build_13124

📦

Vmware

Workstation

= 5.5

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html

🔗 http://secunia.com/advisories/18162

🔗 http://secunia.com/advisories/18344

🔗 http://securityreason.com/securityalert/282

🔗 http://securityreason.com/securityalert/289

🔗 http://securitytracker.com/id?1015401

🔗 http://www.gentoo.org/security/en/glsa/glsa-200601-04.xml

🔗 http://www.kb.cert.org/vuls/id/856689

Vulnerability Description

Affected Platforms (CPE)

Ace

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Gsx Server

Player

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

Workstation

References & Advisories

相關漏洞威脅