Strix
26.1K

CVE-2009-0177

UnknownEPSS 8.64%

Last modified

CVE-2009-0177 is a vulnerability of currently unknown severity. vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.. EPSS estimates a 8.64% chance of exploitation in the next 30 days.

Description

vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.

Metrics

EPSS Probability
8.64%

94.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
VmwareAce<= 2.5.1
VmwareAce2.5.0
VmwareFusion<= 2.0.1
VmwareServer2.0.0
VmwareVmware Player<= 2.5.1
VmwareVmware Player1.0.0
VmwareVmware Player1.0.1
VmwareVmware Player1.0.2
VmwareVmware Player1.0.3
VmwareVmware Player1.0.4
VmwareVmware Player1.0.6
VmwareVmware Player1.0.7
VmwareVmware Player1.0.8
VmwareVmware Player1.0.9
VmwareVmware Player1.05
VmwareVmware Player2.0
VmwareVmware Player2.0.1
VmwareVmware Player2.0.2
VmwareVmware Player2.0.3
VmwareVmware Player2.0.4
VmwareVmware Player2.0.5
VmwareVmware Player2.5
VmwareVmware Workstation<= 6.51
VmwareVmware Workstation4.5.3
VmwareVmware Workstation5.0
VmwareVmware Workstation5.5.0
VmwareVmware Workstation5.5.1
VmwareVmware Workstation5.5.2
VmwareVmware Workstation5.5.3
VmwareVmware Workstation5.5.4
VmwareVmware Workstation5.5.5
VmwareVmware Workstation5.5.6
VmwareVmware Workstation5.5.7
VmwareVmware Workstation5.5.8
VmwareVmware Workstation6.0
VmwareVmware Workstation6.0.1
VmwareVmware Workstation6.0.2
VmwareVmware Workstation6.0.3
VmwareVmware Workstation6.0.4
VmwareVmware Workstation6.0.5
VmwareVmware Workstation6.5

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-0177?
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.
How severe is CVE-2009-0177?
Severity scoring for CVE-2009-0177 is pending analysis. The EPSS model estimates a 8.64% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0177?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0177?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST