VMware Security Updates for vCenter Server (VMSA-2013-0009)

VMware has updated the userworld OpenSSL library in vCenter Server to address multiple security vulnerabilities. OpenVAS Vulnerability Test $Id: gbvcenterVMSA-2013-0009.nasl 6724 2017-07-14 09:57:17Z teissa $ VMware Security Updates for vCenter Server VMSA-2013-0009 Authors: Michael Meyer...

VMware Security Updates for vCenter Server (VMSA-2013-0009)

VMware has updated the userworld OpenSSL library in vCenter Server to address multiple security vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

NEW VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2013-0012 Synopsis: VMware vSphere updates address multiple vulnerabilities Issue date: 2013-10-17 Updated on: 2013-10-17 initial...

VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

VMware ESXi and ESX unauthorized file access through vCenter Server and ESX OpenVAS Vulnerability Test $Id: gbVMSA-2013-0016.nasl 6086 2017-05-09 09:03:30Z teissa $ VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX Authors: Michael Meyer Copyright: Copyrig...

VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX (remote check)

VMware ESXi and ESX unauthorized file access through vCenter Server and ESX OpenVAS Vulnerability Test $Id: gbVMSA-2013-0016remote.nasl 6074 2017-05-05 09:03:14Z teissa $ VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX remote check Authors: Michael Meyer...

VMware ESXi/ESX unauthorized file access through vCenter Server and ESX (VMSA-2013-0016) - Local Version Check

VMware ESXi and ESX unauthorized file access through vCenter Server and ESX. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware ESXi/ESX unauthorized file access through vCenter Server and ESX (VMSA-2013-0016) - Remote Version Check

VMware ESXi and ESX unauthorized file access through vCenter Server and ESX. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware ESX and ESXi may allow access to arbitrary files

Overview VMware ESX and ESXi contain a vulnerability in the handling of Virtual Machine file descriptors, which may allow access to arbitrary ESX and ESXi files. Shanon Olsson reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warni...

JVN#13154935: VMware ESX and ESXi may allow access to arbitrary files

VMware ESX and ESXi contain a vulnerability in the handling of Virtual Machine file descriptors, which may allow access to arbitrary ESX and ESXi files. Impact Users that have privileges to execute "Add New Disk" or "Add Existing Disk" in vCenter Server may obtain read and write access to arbitra...

NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2013-0016 Synopsis: VMware ESXi and ESX unauthorized file access through vCenter Server and ESX Issue date: 2013-12-22 Updated on:...

CVE-2013-5973

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a 1 -flat, 2 -rdm, or 3 -rdmp filename...

CVE-2013-5973

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a 1 -flat, 2 -rdm, or 3 -rdmp filename...

CVE-2013-5973

CVE-2013-5973 affects VMware ESXi/ESX (versions 4.0–5.5; ESX 4.0–4.1) where a local user with the Virtual Machine Power User or Resource Pool Administrator role can read or modify arbitrary files via the Add Existing Disk action using certain -flat, -rdm, or -rdmp file names. The root cause is im...

VMSA-2013-0016 : VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

a. VMware ESXi and ESX unauthorized file access through vCenter Server and %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory 2013-0016. The text itself is copyright C VMware Inc...

VMSA-2013-0016:VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0016 VMware Security Advisory Synopsis: VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security...

VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues. (remote check)

The remote ESXi is missing one or more security related Updates from VMSA-2013-0003. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0003remote.nasl 6086 2017-05-09 09:03:30Z teissa $ VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library...

VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities (remote check)

VMware has updated vCenter Server, vCenter Server Appliance vCSA, vSphere Update Manager VUM, ESXi and ESX to address multiple security vulnerabilities. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0012remote.nasl 6115 2017-05-12 09:03:25Z teissa $ VMSA-2013-0012 VMware vSphere updates address...

VMware Patches Workstation, Player Vulnerabilities

VMware announced today it has patched a privilege escalation vulnerability in VMware Workstation. Workstation is the hypervisor software connecting multiple virtual machines on host hardware. Compromising a hypervisor would give an attacker remote control over a number guest machines; the risk is...

VMware Security Updates for vCenter Server (VMSA-2013-0012)

The version of VMware vCenter installed on the remote host is 5.0 prior to update 3 or 5.1 prior to update 2. It is, therefore, potentially affected by the following vulnerabilities : - A vulnerability exists in the handling of session IDs, which could lead to an escalation of privileges...

Session fixation

Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors...