Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-21974

Description

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.

POC

Reference

- http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html

Github

- https://github.com/0xor0ne/awesome-list

- https://github.com/20142995/sectool

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Awrrays/FrameVul

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/CYBERTHREATANALYSIS/ESXi-Ransomware-Scanner-mi

- https://github.com/CYBERTHREATANALYSIS/ESXi_ransomware_scanner

- https://github.com/GhostTroops/TOP

- https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992

- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/SYRTI/POC_to_review

- https://github.com/Shadow0ps/CVE-2021-21974

- https://github.com/WhooAmii/POC_to_review

- https://github.com/abirasecurity/CVE-2021-21974_vuln_dectection

- https://github.com/bachkhoasoft/awesome-list-ks

- https://github.com/cc8700619/poc

- https://github.com/chosenonehacks/Red-Team-tools-and-usefull-links

- https://github.com/fardeen-ahmed/Bug-bounty-Writeups

- https://github.com/hateme021202/cve-2021-21974

- https://github.com/hktalent/TOP

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/karimhabush/cyberowl

- https://github.com/manas3c/CVE-POC

- https://github.com/mercylessghost/CVE-2021-21974

- https://github.com/n2x4/Feb2023-CVE-2021-21974-OSINT

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/orgTestCodacy11KRepos110MB/repo-3569-collection-document

- https://github.com/soosmile/POC

- https://github.com/tom0li/collection-document

- https://github.com/trhacknon/Pocingit

- https://github.com/whoforget/CVE-POC

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve

- https://github.com/zhanpengliu-tencent/medium-cve