35 matches found
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and...
VMware vSphere Data Protection (VDP) Man-in-the-Middle Attack Vulnerability
VMware vSphere Data Protection VDP is prone to a man in the middle attack vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2016-7456
VMware vSphere Data Protection VDP 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session...
vSphere Data Protection Detection
This script performs SSH based detection of vSphere Data Protection SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
VMware vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue (VMSA-2016-0024, dpnid) - Active Check
VMware vSphere Data Protection VDP updates address SSH key-based authentication issue. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
VMware vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue (VMSA-2016-0024, admin_key) - Active Check
VMware vSphere Data Protection VDP updates address SSH key-based authentication issue. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
VMware vSphere Data Protection Authentication Bypass Vulnerability
VMware vSphere Data Protection VDP is a disk-based backup and recovery solution from VMware. Integrated with VMware vCenter Server, the server and virtualization management software, the solution can be used to centrally manage backup jobs while storing backup files in deduplicated target storage...
vSphere Data Protection (VDP) update addresses SSH key-based authentication issue
VDP SSH key-based authentication issue VDP contains a private SSH key with a known password that is configured to allow key-based authentication. Exploitation of this issue may allow an unauthorized remote attacker to log into the appliance with root privileges. VMware would like to thank Marc...
VMSA-2016-0024:vSphere Data Protection (VDP) update addresses SSH key-based authentication issue
VMSA-2016-0024.1 vSphere Data Protection VDP updates address SSH Key-Based authentication issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0024.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vSphere Data Protection VDP updates addres...
VMware vSphere Data Protection Certificate Validation (VMSA-2015-0002)
The version of VMware vSphere Data Protection installed on the remote host is 5.1.x / 5.5.x prior to 5.5.9, or 5.8.x prior to 5.8.1. It is, therefore, affected by a certificate validation vulnerability that allows man-in-the-middle MitM attacks. C Tenable Network Security, Inc. include"compat.inc...
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0002 Synopsis: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. Issue date:...
VMware vSphere Data Protection Certificate Validation Security Bypass Vulnerability
VMWare is a "virtual PC" software that allows you to run two or more Windows, DOS, or Linux systems on a single machine at the same time. A validation security bypass vulnerability exists in the VMware vSphere data protection certificate, which can be exploited by an attacker to perform a...
Design/Logic Flaw
VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...
CVE-2014-4632
VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...
VMSA-2014-0011:VMware vSphere Data Protection product update addresses a CRITICAL information disclosure vulnerability.
VMSA-2014-0011 VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0011 VMware Security Advisory Synopsis: VMware vSphere Data Protection product update addresses a critic...