CVE-2003-1291

Description

VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.

Affected products

• VMware / esx1.5.2 – 1.5.2
• VMware / esx1.5.2 – 1.5.2
• VMware / esx1.5.2 – 1.5.2

References

• MISChttp://www.osvdb.org/21585
• VENDOR_ADVISORYhttp://www.vmware.com/download/esx/esx152-patch4.html
• VENDOR_ADVISORYhttp://www.vmware.com/support/kb/enduser/std_adp.php?p_sid=dsxk%2ABWh&p_lva=&p_faqid=1108