1050 matches found
CVE-2013-5971
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors...
CVE-2013-5971
Consolidated detail: CVE-2013-5971 is a session fixation vulnerability in VMware vCenter Server 5.0 before Update 3, specifically in the vSphere Web Client Server. The issue arises from how session IDs are handled, potentially allowing remote attackers to hijack web sessions and gain privileges. ...
VMSA-2013-0012 VMware vSphere updates address multiple vulnerabilities
VMware has updated vCenter Server, vCenter Server Appliance vCSA, vSphere Update Manager VUM, ESXi and ESX to address multiple security vulnerabilities. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0012.nasl 6115 2017-05-12 09:03:25Z teissa $ VMSA-2013-0012 VMware vSphere updates address multiple...
Veeam Backup Temporary Snapshot
Challenge A snapshot named VEEAM BACKUP TEMPORARY SNAPSHOT is found on a VMware Virtual Machine. Cause As detailed in the Veeam Backup & Replication User Guide, a snapshot is created on a VM that is being processed by a Veeam job. This creation of this snapshot causes the VM's base disks to be in...
VMware vCenter Server Appliance Multiple Vulnerabilities (VMSA-2013-0006)
The version of VMware vCenter Server Appliance installed on the remote host is 5.1 earlier than Update 1, and is, therefore, potentially affected by multiple vulnerabilities : - An authenticated code execution vulnerability exists in the Virtual Appliance Management Interface. CVE-2013-3079 - The...
VMware vCenter Server Multiple Vulnerabilities (VMSA-2012-0005)
The version of VMware vCenter Server installed on the remote host is 4.0 before Update 4a, 4.1 before Update 3, or 5.0 before Update 1. As such it is potentially affected by multiple vulnerabilities in the embedded Apache Tomcat server and the Oracle Sun Java Runtime Environment. C Tenable Networ...
CVE-2013-3107
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password...
Design/Logic Flaw
VMware vCenter Server Appliance vCSA 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface VAMI access...
Authentication flaw
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password...
CVE-2013-3079
VMware vCenter Server Appliance vCSA 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface VAMI access...
CVE-2013-3107
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password...
CVE-2013-3107
CVE-2013-3107 affects VMware vCenter Server 5.1 (including 5.1a/5.1b) when Active Directory anonymous LDAP binding is enabled. Remote attackers can bypass authentication by supplying a valid username with an empty password. Root cause: improper handling of login credentials under AD anonymous bin...
CVE-2013-3080
VMware vCenter Server Appliance vCSA 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface VAMI web-interface access...
CVE-2013-3079
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 contains a remote authenticated code execution vulnerability in the Virtual Appliance Management Interface (VAMI). An authenticated attacker with VAMI access can run arbitrary programs with root privileges. The issue is addressed by VMwar...
vCenter Server Appliance 任意代码执行漏洞(CVE-2013-3079)
BUGTRAQ ID: 59507 CVECAN ID: CVE-2013-3079 VMware vCenter Server可以快速部署虚拟机,并监控物理服务器和虚拟机的性能,可通过单个界面部署、监控和管理虚拟化IT 环境,并确保最佳的服务级别。 vCenter Server Appliance 5.1存在远程代码漏洞。如果一个攻击者经过了身份验证,并且获取了VAMI的访问权,那么就可以以root权限运行现有文件。在默认的vCSA设置中,身份验证局限于root,因为root是唯一定义用户。 0 VMWare vCenter Server 5.x 厂商补丁: VMWare ------...
VMware security updates for vCenter Server
a. vCenter Server AD anonymous LDAP binding credential by-passvCenter Server when deployed in an environment that uses Active Directory AD with anonymous LDAP binding enabled doesn't properly handle login credentials. In this environment, authenticating to vCenter Server with a valid user name an...
VMSA-2013-0006:VMware security updates for vCenter Server
VMSA-2013-0006.1 VMware security updates for vCenter Server VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0006.1 VMware Security Advisory Synopsis: VMware security updates for vCenter Server VMware Security Advisory Issue date: 2013-04-25 VMware Security Advisory Update...
Moving custom attributes through import/export of CSV file
Purpose To export custom attributes from one installation of Business View to another, follow these steps: 1. Click Configuration in the top right corner of the screen and navigate to the Import/Export pane. 2. This step is not mandatory If you want to pre-designate which custom attributes Busine...
VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
The remote ESXi is missing one or more security related Updates from VMSA-2013-0003. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0003.nasl 6065 2017-05-04 09:03:08Z teissa $ VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library securi...
CVE-2012-6326
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service disk consumption via vectors that trigger large log entries...