VMware (情報元のブックマーク数)
vmware 2.5.1以前にリモートからDoSを受ける脆弱性が存在するそうです。
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Vmware <= 2.5.1 build-126130 Remote Denial of Service Application: Vmware Web Site: http://www.vmware.com/ Platform: Windows * Bug: Remote Denial of Service Tested agains: Vmware player 2.5.1 build-126130, workstation 2.5.1 build-126130, using Windows XP SP3 fully patched -------------------------------------------------------
vmware-authdが912/TCPでシステムプロセスで起動するそうですが、長いユーザ名やパスワードに脆弱でDoSに陥るそうです。
2) Bug
http://www.milw0rm.com/exploits/7647
=======
Vmware-authd listen on 0.0.0.0 port 912 on a windows box by default.
A denial of service exist in the module vmwarebase.dll of the system process vmware-authd.exe when a long username
or password is supplied to the service, code execution doesn't look possible at this time.
A dump file will be created here: C:\Documents and Settings\LocalService\Application Data\VMware\vmware-authd-*.dmp
Also some old version of this binary (like 6.00.3938.0000) doesn't seems vulnerable to this DoS.