VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
Publish Date : 2013-02-22 Last Update Date : 2013-02-25
VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.