Vulnerability Details : CVE-2008-1364
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.
Vulnerability category: Denial of service
Products affected by CVE-2008-1364
- cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-1364
1.80%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-1364
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2008-1364
-
Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-1364
-
Red Hat 2008-06-03Not vulnerable. This issue did not affect the versions of dhcp as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
References for CVE-2008-1364
-
http://www.vupen.com/english/advisories/2008/0905/references
Site en construction
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41254
-
http://securitytracker.com/id?1019623
-
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
Support Content Notification - Support Portal - Broadcom support portalPatch
-
http://www.securityfocus.com/bid/28276
-
http://www.vmware.com/support/player/doc/releasenotes_player.html
Page not foundPatch
-
http://www.securityfocus.com/archive/1/489739/100/0/threaded
-
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
502 Bad GatewayPatch
-
http://www.vmware.com/support/server/doc/releasenotes_server.html
Page not foundPatch
-
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
Page not foundPatch
-
http://security.gentoo.org/glsa/glsa-201209-25.xml
VMware Player, Server, Workstation: Multiple vulnerabilities (GLSA 201209-25) — Gentoo security
-
http://securityreason.com/securityalert/3755
-
http://www.securityfocus.com/bid/28289
-
http://www.vmware.com/support/fusion/doc/releasenotes_fusion.html
Patch
Jump to