Vulnerability Details CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.871
EPSS Ranking 99.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Proposed Action
VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.
Ransomware Campaign
Known
References
- http://www.openwall.com/lists/oss-security/2019/12/10/2
- http://www.openwall.com/lists/oss-security/2019/12/11/2
- http://www.vmware.com/security/advisories/VMSA-2019-0022.html
- https://access.redhat.com/errata/RHSA-2019:4240
- https://access.redhat.com/errata/RHSA-2020:0199
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DA3LYAJ2NRKMOZLZOQNDJ5TNQRFMWGHF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/
- https://security.gentoo.org/glsa/202005-12
- http://www.openwall.com/lists/oss-security/2019/12/10/2
- http://www.openwall.com/lists/oss-security/2019/12/11/2
- http://www.vmware.com/security/advisories/VMSA-2019-0022.html
- https://access.redhat.com/errata/RHSA-2019:4240
- https://access.redhat.com/errata/RHSA-2020:0199
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DA3LYAJ2NRKMOZLZOQNDJ5TNQRFMWGHF/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/
- https://security.gentoo.org/glsa/202005-12
Products affected by CVE-2019-5544
-
cpe:2.3:a:openslp:openslp:0.6.1
-
cpe:2.3:a:openslp:openslp:0.6.2
-
cpe:2.3:a:openslp:openslp:0.6.3
-
cpe:2.3:a:openslp:openslp:0.6.4
-
cpe:2.3:a:openslp:openslp:0.6.5
-
cpe:2.3:a:openslp:openslp:0.6.6
-
cpe:2.3:a:openslp:openslp:0.6.7
-
cpe:2.3:a:openslp:openslp:0.7.0
-
cpe:2.3:a:openslp:openslp:0.7.1
-
cpe:2.3:a:openslp:openslp:0.7.2
-
cpe:2.3:a:openslp:openslp:0.7.5
-
cpe:2.3:a:openslp:openslp:0.7.6
-
cpe:2.3:a:openslp:openslp:0.7.7
-
cpe:2.3:a:openslp:openslp:0.7.8
-
cpe:2.3:a:openslp:openslp:0.8.0
-
cpe:2.3:a:openslp:openslp:0.8.1
-
cpe:2.3:a:openslp:openslp:0.8.2
-
cpe:2.3:a:openslp:openslp:0.8.3
-
cpe:2.3:a:openslp:openslp:0.9.0
-
cpe:2.3:a:openslp:openslp:0.9.1
-
cpe:2.3:a:openslp:openslp:1.0.0
-
cpe:2.3:a:openslp:openslp:1.0.1
-
cpe:2.3:a:openslp:openslp:1.0.10
-
cpe:2.3:a:openslp:openslp:1.0.11
-
cpe:2.3:a:openslp:openslp:1.0.2
-
cpe:2.3:a:openslp:openslp:1.0.3
-
cpe:2.3:a:openslp:openslp:1.0.4
-
cpe:2.3:a:openslp:openslp:1.0.5
-
cpe:2.3:a:openslp:openslp:1.0.6
-
cpe:2.3:a:openslp:openslp:1.0.7
-
cpe:2.3:a:openslp:openslp:1.0.8a
-
cpe:2.3:a:openslp:openslp:1.0.9a
-
cpe:2.3:a:openslp:openslp:1.1.0
-
cpe:2.3:a:openslp:openslp:1.2.0
-
cpe:2.3:a:openslp:openslp:1.2.1
-
cpe:2.3:a:openslp:openslp:2.0.0
-
cpe:2.3:a:vmware:horizon_daas:8.0.0
-
cpe:2.3:a:vmware:horizon_daas:8.0.1
-
cpe:2.3:o:fedoraproject:fedora:30
-
cpe:2.3:o:fedoraproject:fedora:31
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
-
cpe:2.3:o:vmware:esxi:6.0
-
cpe:2.3:o:vmware:esxi:6.5
-
cpe:2.3:o:vmware:esxi:6.7