CVE-2005-4459

Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.

Published: Dec 21, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4459
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
vmware / gsx_server	3.0_build_7592	3.0_build_7592.x
vmware / gsx_server	3.2	3.2.x
vmware / ace	1.0	1.0.x
vmware / workstation	5.0.0_build_13124	5.0.0_build_13124.x
vmware / workstation	4.0	4.0.x
vmware / gsx_server	2.5.2	2.5.2.x
vmware / workstation	4.0.1	4.0.1.x
vmware / workstation	3.4	3.4.x
vmware / workstation	5.5	5.5.x
vmware / workstation	4.0.2	4.0.2.x
vmware / workstation	3.2.1-patch1	3.2.1-patch1.x
vmware / gsx_server	3.0	3.0.x
vmware / workstation	4.5.2_build_8848-r4	4.5.2_build_8848-r4.x
vmware / gsx_server	2.0	2.0.x
vmware / gsx_server	2.5.1_build_5336	2.5.1_build_5336.x
vmware / gsx_server	2.5.1	2.5.1.x
vmware / player	1.0.0	1.0.0.x
vmware / gsx_server	3.1	3.1.x
vmware / gsx_server	2.0.1_build_2129	2.0.1_build_2129.x
vmware / workstation	4.5.2	4.5.2.x

Vulnerability Database

289,599

CVE-2005-4459