Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.100502 |
Categoría: | Remote file access |
Título: | VMware Products Directory Traversal Vulnerability |
Resumen: | The host is installed with VMWare product(s)and is prone to multiple; vulnerability. |
Descripción: | Summary: The host is installed with VMWare product(s)and is prone to multiple vulnerability. Vulnerability Insight: An error exists while handling certain requests can be exploited to download arbitrary files from the host system via directory traversal attacks. Vulnerability Impact: Successful exploitation will let the remote/local attacker to disclose sensitive information. Affected Software/OS: VMware Server version 2.0.x prior to 2.0.2 Build 203138, VMware Server version 1.0.x prior to 1.0.10 Build 203137 on Linux. Solution: Upgrade the VMWare product(s) according to the referenced vendor announcement. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
Referencia Cruzada: |
BugTraq ID: 36842 Common Vulnerability Exposure (CVE) ID: CVE-2009-3733 http://www.securityfocus.com/bid/36842 Bugtraq: 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues (Google Search) http://www.securityfocus.com/archive/1/507523/100/0/threaded http://security.gentoo.org/glsa/glsa-201209-25.xml http://lists.vmware.com/pipermail/security-announce/2009/000069.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7822 http://securitytracker.com/id?1023088 http://securitytracker.com/id?1023089 http://secunia.com/advisories/37186 http://www.vupen.com/english/advisories/2009/3062 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |