1050 matches found
Memory corruption
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy NFC protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of...
CVE-2012-6326
CVE-2012-6326 affects VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCenter Server Appliance/vCSA 5.0 before Update 2, enabling unauthenticated remote users to trigger abnormally large log entries and cause a denial of service (disk consumption). Connected advisories conf...
CVE-2013-1659
CVE-2013-1659 affects VMware vCenter Server and ESXi/ESX products, where improper implementation of the Network File Copy (NFC) protocol enables a man‑in‑the‑middle to modify the client–server data stream, potentially causing memory corruption or arbitrary code execution. Affected: VMware vCenter...
CVE-2012-6326
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service disk consumption via vectors that trigger large log entries...
VMSA-2013-0003:VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0003 VMware Security Advisory Synopsis: VMware vCenter Server, ESXi and ESX address an NFC...
Memory corruption
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management...
CVE-2013-1405
CVE-2013-1405 affects multiple VMware products (vCenter Server, VirtualCenter, vSphere Client, VI-Client, ESXi/ESX 3.5–4.1). A flaw in the management authentication protocol allows remote servers to trigger code execution or memory corruption via unspecified vectors. VMware’s VMSA-2013-0001 descr...
CVE-2013-1405
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management...
VMware vCenter Server Detection (HTTP)
HTTP based detection of VMware vCenter Server. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2013-1004
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 6.6 p1-r1 OpenSSH through 6.1 VMware vCenter Server affected versions not specified Check Point GAiA affected versions not specified Description The issue is related to a mechanism in OpenSSH that can cause a denial o...
VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries
The remote ESXi is missing one or more security related Updates from VMSA-2013-0001. Summary VMware vSphere security updates for for the authentication service and third party libraries Relevant releases vCenter Server 4.1 without Update 3a vSphere Client 4.1 without Update 3a ESXi 4.1 without...
VMware vSphere security updates for the authentication service and third party libraries
a. VMware vSphere client-side authentication memory corruption vulnerabilityVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere...
vCenter Server Appliance任意文件下载漏洞
Bugtraq ID:57022 CVE ID:CVE-2012-6325 VMware vCenter Server可以快速部署虚拟机,并监控物理服务器和虚拟机的性能,可通过单个界面部署、监控和管理虚拟化IT 环境,并确保最佳的服务级别。 vCenter Server Appliance存在一个XML解析漏洞,通过XML文件传递的输入在用于下载文件之前缺少校验,允许通过验证的远程用户获得系统任意文件。 0 VMware vCenter Server Appliance 5.x 厂商解决方案 VMware vCenter Server Appliance 5.1和vCenter Serv...
vCenter Server Appliance目录遍历漏洞(CVE-2012-6324)
Bugtraq ID:57021 CVE ID:CVE-2012-6324 VMware vCenter Server可以快速部署虚拟机,并监控物理服务器和虚拟机的性能,可通过单个界面部署、监控和管理虚拟化IT 环境,并确保最佳的服务级别。 vCenter Server Appliance存在一个目录遍历漏洞,允许通过验证的远程用户读取系统敏感文件内容。 0 VMware vCenter Server Appliance 5.x 厂商解决方案 VMware vCenter Server Appliance 5.1和vCenter Server Appliance 5.0 Update...
CVE-2012-6325
VMware vCenter Server Appliance vCSA 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors...
Directory traversal
Directory traversal vulnerability in VMware vCenter Server Appliance vCSA 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors...
CVE-2012-6325
CVE-2012-6325 affects VMware vCenter Server Appliance (vCSA) 5.0 prior to Update 2, due to an XML parsing vulnerability that allows an authenticated remote user to read arbitrary files. The issue is documented in the VMware advisory VMSA-2012-0018 and is addressed by upgrading to vCSA 5.0 Update ...
CVE-2012-6324
CVE-2012-6324 is a directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) affecting vCSA 5.0 before Update 2 and 5.1 before Patch 1. An authenticated remote user can read arbitrary files via unspecified vectors. The advisory VMSA-2012-0018 confirms the issue and its remediati...
CVE-2012-6324
Directory traversal vulnerability in VMware vCenter Server Appliance vCSA 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors...
VMware security updates for vCSA, vCenter Server, and ESXi
a. vCenter Server Appliance directory traversal The vCenter Server Appliance vCSA contains a directory traversal vulnerability that allows an authenticated remote user to retrieve arbitrary files. Exploitation of this issue may expose sensitive information stored on the server. VMware would like ...