VMware updated VMware ESXi and ESX to fix a Network File Copy (NFC) protocol unhandled exception vulnerability that can force the user to suffer through a denial-of-service (DoS) attack.
“VMware ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between ESXi/ESX and the client. Exploitation of the issue may lead to a Denial of Service,” said the VMware advisory.
ESXi versions 4.0, 4.1, 5.0 and 5.1, and ESX versions 4.0 and 4.0 suffer from the issue. vCenter Server, VMware Workstation, Player, ACE and Fusion are not affected.
Alex Chapman of Context Information discovered and reported the security hole.
The patches are available on the VMware website.