Total vulnerabilities in the database
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
| Software | From | Fixed in |
|---|---|---|
| vmware / vcenter_server | 4.0-update_4 | 4.0-update_4.x |
| vmware / vcenter_server | 4.0-update_3 | 4.0-update_3.x |
| vmware / vcenter_server | 4.0 | 4.0.x |
| vmware / vcenter_server | 4.0-update_1 | 4.0-update_1.x |
| vmware / vcenter_server | 4.0-update_4a | 4.0-update_4a.x |
| vmware / vcenter_server | 4.0-update_2 | 4.0-update_2.x |
| vmware / vcenter_server_appliance | 5.1 | 5.1.x |
| vmware / vcenter_server_appliance | 5.1.0a | 5.1.0a.x |
| vmware / vcenter_server | 5.0 | 5.0.x |
| vmware / vcenter_server | 5.0-update_1 | 5.0-update_1.x |
| vmware / esxi | 4.1 | 4.1.x |
| vmware / esxi | 4.0-1 | 4.0-1.x |
| vmware / esxi | 3.5 | 3.5.x |
| vmware / esxi | 4.0 | 4.0.x |
| vmware / esxi | 4.0-3 | 4.0-3.x |
| vmware / esxi | 5.1 | 5.1.x |
| vmware / esxi | 5.0-1 | 5.0-1.x |
| vmware / esxi | 5.0 | 5.0.x |
| vmware / esxi | 4.1-2 | 4.1-2.x |
| vmware / esxi | 3.5-1 | 3.5-1.x |
| vmware / esxi | 4.1-1 | 4.1-1.x |
| vmware / esxi | 5.0-2 | 5.0-2.x |
| vmware / esxi | 4.0-4 | 4.0-4.x |
| vmware / esxi | 4.0-2 | 4.0-2.x |