vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Vmware
  • Vmware Workstation
  • Fusion
  • Vmware Player
  • Ace
  • Server

Configuration 1 [-]

OR cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:1.05:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_player:2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vmware_workstation:6.5:*:*:*:*:*:*:*
References
Link Resource
http://lists.vmware.com/pipermail/security-announce/2009/000054.html Patch
http://osvdb.org/51180
http://seclists.org/fulldisclosure/2009/Apr/0036.html Patch
http://secunia.com/advisories/33372 Vendor Advisory
http://secunia.com/advisories/34601 Vendor Advisory
http://www.securityfocus.com/bid/34373 Exploit
http://www.securitytracker.com/id?1021512
http://www.vmware.com/security/advisories/VMSA-2009-0005.html Patch Vendor Advisory
http://www.vupen.com/english/advisories/2009/0024 Vendor Advisory
http://www.vupen.com/english/advisories/2009/0944 Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6433
https://www.exploit-db.com/exploits/7647
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-01-20T15:26:00

Updated: 2017-10-18T14:57:01

Reserved: 2009-01-20T00:00:00

Link: CVE-2009-0177

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2009-01-20T16:00:09.030

Modified: 2017-10-19T01:30:16.987

Link: CVE-2009-0177

JSON object: View

cve-icon Redhat Information

No data.

CWE