A vulnerability has been identified in VMware ESX Server, which could be exploited by attackers to execute arbitrary scripting code. For additional information, see : FrSIRT/ADV-2006-2963
Advisory ID : FrSIRT/ADV-2006-5089
CVE ID : CVE-2006-3918
Rated as : Low Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-12-20
Affected Products
VMware ESX Server versions 3.0.x
VMware ESX Server versions 2.5.x
VMware ESX Server versions 2.1.x
VMware ESX Server versions 2.0.x
Solution
A fix for this issue will be included in upcoming patch releases for ESX Server.
The FrSIRT is not aware of any official supplied patch for this issue.