CVE-2007-0063

Related Files

Gentoo Linux Security Advisory 200711-23

Posted Nov 26, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-23 - Multiple vulnerabilities have been discovered in several VMware products. Neel Mehta and Ryan Smith (IBM ISS X-Force) discovered that the DHCP server contains an integer overflow vulnerability, an integer underflow vulnerability and another error when handling malformed packets, leading to stack-based buffer overflows or stack corruption. Rafal Wojtczvk (McAfee) discovered two unspecified errors that allow authenticated users with administrative or login privileges on a guest operating system to corrupt memory or cause a Denial of Service. Another unspecified vulnerability related to untrusted virtual machine images was discovered. Versions less than 6.0.1.55017 are affected.

tags | advisory, denial of service, overflow, vulnerability

systems | linux, gentoo

advisories | CVE-2004-0813, CVE-2006-3619, CVE-2006-4146, CVE-2006-4600, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-1716, CVE-2007-4496, CVE-2007-4497, CVE-2007-5617

SHA-256 | a3526d292c687ba2acc51426a177e22a29167c158a791debbef984335b9765fc

Download | Favorite | View

Ubuntu Security Notice 543-1

Posted Nov 16, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 543-1 - Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. Rafal Wojtczvk discovered multiple memory corruption issues in VMWare Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system.

tags | advisory, remote, denial of service, arbitrary, root

systems | linux, ubuntu

advisories | CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4496, CVE-2007-4497

SHA-256 | 24d86ab8d123ae4acdd9b4e09f53f8f65320bd6ed8e974fdbde5b8a7e9ec56dc

Download | Favorite | View

Core Security Technologies Advisory 2007.0928

Posted Oct 11, 2007

Authored by Core Security Technologies, Gerardo Richarte, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in OpenBSD's dhcpd allows attackers on the local network to remotely cause the DHCP server to corrupt its process memory and crash; or continue functioning erratically thus denying service to all DHCP clients on the network and, if PF updates are in use, potentially affecting egress/ingress filtering as well. OpenBSD 4.0, 4.1, and 4.2 are affected.

tags | advisory, local

systems | openbsd

advisories | CVE-2007-0063

SHA-256 | cc127679daebed5635aaa505605a453c6446720485c7a6f386cb9d149b3fdbbc

Download | Favorite | View

VMware Security Advisory 2007-0006

Posted Sep 20, 2007

Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been released for arbitrary code execution, denial of service, and other various vulnerabilities in VMware.

tags | advisory, denial of service, arbitrary, vulnerability, code execution

advisories | CVE-2007-2446, CVE-2007-2447, CVE-2007-0494, CVE-2007-2442, CVE-2007-2443, CVE-2007-2798, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-1856, CVE-2006-1174, CVE-2006-4600, CVE-2004-0813, CVE-2007-1716

SHA-256 | f186f94a09bad9dba4b82b1daa59265b1954d193e8533587d0fe2348c1f58bec

Download | Favorite | View