1. Home
  2. CVE Database
  3. CVE-2007-5360
HIGH · 7.5

CVE-2007-5360

Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers ...

Vulnerability Description

Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than CVE-2008-0003.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
OpenpegasusManagement ServerAll versions
VmwareEsx3.0.1

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2007-5360?

CVE-2007-5360 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers ...

How severe is CVE-2007-5360?

CVE-2007-5360 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5360?

Check the references section above for vendor advisories and patch information. Affected products include: Openpegasus Management Server, Vmware Esx.