Search the VMware Knowledge Base (KB)
View by Article ID

Security Response to BugTraq 15998 (CVE-2005-4459): Vulnerability in NAT Networking (2000)

  • 3 Ratings


I am using a VMware product affected by the vulnerability described on the Security Focus Web site at and on the CERT Web site at What do I need to do to correct the problem and protect my host machine?


The Common Vulnerabilities and Exposures project ( has assigned the name CVE-2005-4459 to this issue.

VMware has issued updates to VMware Workstation, VMware GSX Server, VMware ACE, and VMware Player to address a potential vulnerability in the NAT networking component of these products.

VMware ESX Server, VMware VirtualCenter, and VMware Virtual Infrastructure Node are not subject to this vulnerability.

The vulnerability in the NAT component affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1, VMware Player 1.0, and previous releases of these products.

The vulnerability affects users who configure their virtual machines to use NAT networking. It does not affect virtual machines using other types of networking.

When a virtual machine is using NAT networking, a malicious guest could potentially use a specific NAT networking configuration to execute unwanted code on the host machine.

This information is particularly relevant to malware researchers who use VMware software to audit viruses, spyware, and other malware. However, VMware recommends that all affected users update their products to the new releases available at in order to optimize the security profile for their VMware environments.

The following versions correct the problem:

  • For VMware Workstation 5.x: VMware Workstation 5.5.1 or higher
  • For VMware Workstation 4.x: VMware Workstation 4.5.3 or higher
  • For VMware Player: VMware Player 1.0.1 or higher
  • For VMware ACE 1.x: VMware ACE 1.0.2 or higher
  • For VMware GSX Server 3.x: VMware GSX Server 3.2.1 or higher

If you choose not to update your product but want to ensure that the NAT service is not available, you can disable it completely on the host. For instructions, see


2000; alertz; urlz; CVE-2005-4459

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 3 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)

Please enter the Captcha code before clicking Submit.
  • 3 Ratings