Vigil@nce - VMware ESX, ESXi: NULL pointer dereference via NFC
February 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can dereference a NULL pointer in NFC of VMware ESX or
ESXi, in order to trigger a denial of service.
Impacted products: ESX, ESXi, VMware vSphere Hypervisor
Severity: 2/4
Creation date: 17/01/2014
DESCRIPTION OF THE VULNERABILITY
The NFC (Network File Copy) protocol is used to transfer files.
However, it does not check if a pointer is NULL, before using it.
An attacker can therefore dereference a NULL pointer in NFC of
VMware ESX or ESXi, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/VMware-ESX-ESXi-NULL-pointer-dereference-via-NFC-14104