Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
VMware Fixes Remote Code Execution Vulnerability
- This topic has 0 replies, 1 voice, and was last updated 3 months, 3 weeks ago by .
VMware recently updated all of their ESXi hypervisor products, but failed to completely fix a remote code execution vulnerability. This flaw exists within OpenSLP, which is a feature of ESXi that allows VMs to discover available network services. An attacker would be able to access port 427 and be able to trigger a “use-after-free” resulting in remote execution of malicious code. A patch has been released that now fixes this issue.
You must be logged in to reply to this topic.