Description
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: High
- Availability: High
Exploits & PoCs
- nuclei: VMware ESXi SLP - Heap Overflow DoS, by riteshs4hu
References
- VENDOR_ADVISORY: http://www.vmware.com/security/advisories/VMSA-2019-0022.html
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2019/12/10/2
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2019/12/11/2
- VENDOR_ADVISORY: https://access.redhat.com/errata/RHSA-2019:4240
- MAILING_LIST: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/
- MAILING_LIST: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DA3LYAJ2NRKMOZLZOQNDJ5TNQRFMWGHF/
- VENDOR_ADVISORY: https://access.redhat.com/errata/RHSA-2020:0199
- MISC: https://security.gentoo.org/glsa/202005-12