Lucene search
RootSSV:60775HistoryApr 28, 2013 - 12:00 a.m.
vCenter Server Appliance 任意代码执行漏洞(CVE-2013-3079)
2013-04-2800:00:00
Root
www.seebug.org
13
0.002 Low
EPSS
Percentile
62.4%
BUGTRAQ ID: 59507
CVE(CAN) ID: CVE-2013-3079
VMware vCenter Server可以快速部署虚拟机,并监控物理服务器和虚拟机的性能,可通过单个界面部署、监控和管理虚拟化IT 环境,并确保最佳的服务级别。
vCenter Server Appliance 5.1存在远程代码漏洞。如果一个攻击者经过了身份验证,并且获取了VAMI的访问权,那么就可以以root权限运行现有文件。在默认的vCSA设置中,身份验证局限于root,因为root是唯一定义用户。
0
VMWare vCenter Server 5.x
厂商补丁:
VMWare
VMWare已经为此发布了一个安全公告(VMSA-2013-0006)以及相应补丁:
VMSA-2013-0006:VMware security updates for vCenter Server
链接:http://www.vmware.com/security/advisories/VMSA-2013-0006.html
补丁下载:https://downloads.vmware.com/d/info/datacenter_cloud_infrastructure/vmware_vsphere/5_1
http://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-51u1-release-notes.html
Related
prion
prion
Design/Logic Flaw
2013-05-01 12:00:00
cve
cve
CVE-2013-3079
2013-05-01 12:00:00
nessus
nessus
VMware vCenter Server Appliance Multiple Vulnerabilities (VMSA-2013-0006)
2013-07-03 00:00:00
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00