Symptoms:
The Dropbear SSH server included with ESXi 4.0 and ESXi 4.1 contains a use-after-free vulnerability that allows remote authenticated users to execute arbitrary code. In ESXi 4.0 and ESXi 4.1, administrative access is required to login via SSH. Exploiting this vulnerability provides no gain to an attacker because any authenticated remote user already has sufficient privileges to execute arbitrary code.
The Common Vulnerabilities and Exposures project (
cve.mitre.org) has assigned the name CVE-2012-0920 to this issue.