Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors.

hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic.