fkie_nvd - fkie_cve-2009-0177

fkie_cve-2009-0177

Vulnerability from fkie_nvd

Published

2009-01-20 16:00

Modified

2025-04-09 00:30

Severity ?

Summary

vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.

References

URL	Tags
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2009/000054.html	Patch
cve@mitre.org	http://osvdb.org/51180
cve@mitre.org	http://seclists.org/fulldisclosure/2009/Apr/0036.html	Patch
cve@mitre.org	http://secunia.com/advisories/33372	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34601	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/34373	Exploit
cve@mitre.org	http://www.securitytracker.com/id?1021512
cve@mitre.org	http://www.vmware.com/security/advisories/VMSA-2009-0005.html	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0024	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0944	Vendor Advisory
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6433
cve@mitre.org	https://www.exploit-db.com/exploits/7647
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2009/000054.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/51180
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2009/Apr/0036.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33372	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34601	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34373	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021512
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2009-0005.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0024	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0944	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6433
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/7647

Impacted products

Vendor	Product	Version
vmware	ace	*
vmware	ace	2.5.0
vmware	fusion	*
vmware	server	2.0.0
vmware	vmware_player	*
vmware	vmware_player	1.0.0
vmware	vmware_player	1.0.1
vmware	vmware_player	1.0.2
vmware	vmware_player	1.0.3
vmware	vmware_player	1.0.4
vmware	vmware_player	1.0.6
vmware	vmware_player	1.0.7
vmware	vmware_player	1.0.8
vmware	vmware_player	1.0.9
vmware	vmware_player	1.05
vmware	vmware_player	2.0
vmware	vmware_player	2.0.1
vmware	vmware_player	2.0.2
vmware	vmware_player	2.0.3
vmware	vmware_player	2.0.4
vmware	vmware_player	2.0.5
vmware	vmware_player	2.5
vmware	vmware_workstation	*
vmware	vmware_workstation	4.5.3
vmware	vmware_workstation	5.0
vmware	vmware_workstation	5.5.0
vmware	vmware_workstation	5.5.1
vmware	vmware_workstation	5.5.2
vmware	vmware_workstation	5.5.3
vmware	vmware_workstation	5.5.4
vmware	vmware_workstation	5.5.5
vmware	vmware_workstation	5.5.6
vmware	vmware_workstation	5.5.7
vmware	vmware_workstation	5.5.8
vmware	vmware_workstation	6.0
vmware	vmware_workstation	6.0.1
vmware	vmware_workstation	6.0.2
vmware	vmware_workstation	6.0.3
vmware	vmware_workstation	6.0.4
vmware	vmware_workstation	6.0.5
vmware	vmware_workstation	6.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:ace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D249F86-E463-4AB1-BEEE-0828D5A2D761",
              "versionEndIncluding": "2.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4004A38A-01A6-41BE-84EB-1D7C7FAD0214",
              "versionEndIncluding": "2.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A2543D5-AE09-4E90-B27E-95075BE4ACBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "318D5F4B-48C5-4214-B60C-9A2EEEF44835",
              "versionEndIncluding": "2.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3771AFCF-E247-427A-8076-9E36EA457658",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C124AC-C421-459E-8251-E7B3BD33874B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "65DD6966-72EA-4C4D-BC90-B0D534834BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBFC9B7A-8A40-467B-9102-EE5259EC4D14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E684965-43F7-4A51-850F-4C88F42940E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "357B60EC-C5F1-4FA4-B4AF-F81298479D39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "933562E3-B6D5-4250-A07B-AB8437ED4D55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F23F68-6853-4862-99CB-4F214816358F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFBF6B0-5E0A-4F62-82C7-D9861D0F5F31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:1.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "43282BF6-665C-4F77-8E95-487523863965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4FFF490-8AA9-4296-99F0-DC57E5D4F56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC850AB-7728-4EE3-9EB5-E1E4D7338202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B1CA212-4114-4D45-B746-9C2AAF60CFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5085E31D-7472-408B-A85D-90337407A24F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D57F024-3484-4EEA-8F9E-08A1AE5E3D19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D82E91-181E-4E7D-943D-6FC74D40CEB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_player:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "21C496BC-404A-4C23-A0CB-DEE8BB8550A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EF66E7-ECDA-40F9-9070-5857D2DEF818",
              "versionEndIncluding": "6.51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:4.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0790DFEB-3ADE-4057-BA9D-025BD5F5B477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "433C05BD-1CAC-4F40-9F69-D0333C5F0E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "270D5FAD-A226-4F6F-BF0B-2C6D91C525D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6811B662-07E0-4B95-BFC6-C87C02110C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "504CD24F-2EC6-45C0-8E46-69BAE8483521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0EAB3D2-79EE-43A3-8A08-3E8140C1B1A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE15637B-FAE4-4FC7-8F45-B3B1554F8F3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B32C157-020F-400B-970C-B93CF573EB27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E1F0A2-8791-4627-8583-55B2A67D2F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3767CDDC-DF72-4AAE-B544-D2DFE02A199D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "640130AA-C905-4DD6-97BD-ABA90705F0B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EBBFDD-AC46-481A-8DA7-64619B447637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC0B1FF0-80DC-433B-9298-346225060808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ECA0396-CBCA-4D21-BD9A-EFCE24D616D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:vmware_workstation:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "94533C3D-8767-44DB-ABF7-B991C3E47858",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command."
    },
    {
      "lang": "es",
      "value": "En la biblioteca vmwarebase.dll, tal y como es usado en el servicio vmware-authd (tambi\u00e9n se conoce como vmware-authd.exe), en VMware Workstation versi\u00f3n  6.5.1 build 126130, versi\u00f3n 6.5.1 y anteriores; VMware Player versi\u00f3n  2.5.1 build 126130, versi\u00f3n 2.5.1 y anteriores; VMware ACE versi\u00f3n 2.5.1 y anteriores; VMware Server versiones 2.0.x anteriores a 2.0.1 build 156745; y VMware Fusion anterior a versi\u00f3n 2.0.2 build 147997, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) por medio de un comando largo (1) USUARIO o (2) PASS."
    }
  ],
  "id": "CVE-2009-0177",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-20T16:00:09.030",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/51180"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33372"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34601"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/34373"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021512"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0024"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0944"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6433"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.exploit-db.com/exploits/7647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2009/000054.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/51180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://seclists.org/fulldisclosure/2009/Apr/0036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/34373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/7647"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-0177 (GCVE-0-2009-0177)

Vulnerability from cvelistv5

Published

2009-01-20 15:26