CVE-2019-5544 PoC — VMware ESXi和VMware Horizon DaaS OpenSLP 缓冲区错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2019/CVE-2019-5544.yaml

Associated Vulnerability

Title:VMware ESXi和VMware Horizon DaaS OpenSLP 缓冲区错误漏洞 (CVE-2019-5544)
Description:VMware ESXi和VMware Horizon DaaS都是美国威睿（VMware）公司的产品。VMware ESXi是一套可直接安装在物理服务器上的服务器虚拟化平台。VMware Horizon DaaS是一套专为以云计算服务形式交付桌面和应用而构建的虚拟桌面平台。该平台提供多桌面模式和多数据中心管理等功能。OpenSLP是其中的一个IETF服务位置协议的开源实现。 VMware ESXi和VMware Horizon DaaS中的OpenSLP存在安全漏洞。攻击者可利用该漏洞执行代码。以下产品及

Description

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

File Snapshot


 id: CVE-2019-5544

info:
  name: VMware ESXi SLP - Heap Overflow DoS
  author: riteshs4hu
  severity

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!