all InfoSec news
Looking at Patch Gap Vulnerabilities in the VMware ESXi TCP/IP Stack
July 27, 2022, 3:14 p.m. | Reno Robert
Zero Day Initiative - Blog www.zerodayinitiative.com
Over the last few years, multiple VMware ESXi remote, unauthenticated code execution vulnerabilities have been publicly disclosed. Some were also found to be exploited in the wild. Since these bugs were found in ESXi’s implementation of the SLP service, VMware provided workarounds to turn off the service. VMware also disabled the service by default starting with ESX 7.0 Update 2c. In this blog post, we explore another remotely reachable attack surface: ESXi’s TCP/IP stack implemented as a VMkernel …
blog post esxi gap ip ip stack patch tcp vmware vmware esxi vulnerabilities
More from www.zerodayinitiative.com / Zero Day Initiative - Blog
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome
1 day, 17 hours ago |
www.zerodayinitiative.com
The April 2024 Security Updates Review
3 weeks, 3 days ago |
www.zerodayinitiative.com
Pwn2Own Vancouver 2024 - Day Two Results
1 month, 1 week ago |
www.zerodayinitiative.com
Pwn2Own Vancouver 2024 - Day One Results
1 month, 1 week ago |
www.zerodayinitiative.com
Pwn2Own Vancouver 2024 - The Full Schedule
1 month, 2 weeks ago |
www.zerodayinitiative.com
The March 2024 Security Update Review
1 month, 3 weeks ago |
www.zerodayinitiative.com
The February 2024 Security Update Review
2 months, 3 weeks ago |
www.zerodayinitiative.com
Jobs in InfoSec / Cybersecurity
Principal Security Engineer
@ Elsevier | Home based-Georgia
Infrastructure Compliance Engineer
@ NVIDIA | US, CA, Santa Clara
Information Systems Security Engineer (ISSE) / Cybersecurity SME
@ Green Cell Consulting | Twentynine Palms, CA, United States
Sales Security Analyst
@ Everbridge | Bengaluru
Alternance – Analyste Threat Intelligence – Cybersécurité - Île-de-France
@ Sopra Steria | Courbevoie, France
Third Party Cyber Risk Analyst
@ Chubb | Philippines