Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

VMware Update Manager Directory Traversal

🗓️ 20 Nov 2011 00:00:00Reported by Alexey SintsovType 
zdt
 zdt🔗 0day.today👁 28 Views

VMware Update Manager Directory Traversal CVE-2011-440

Related
Code
ReporterTitlePublishedViews
Family
Check Point Advisories		VMware Update Manager Directory Traversal (CVE-2011-4404)
4 Sep 201200:00
checkpoint_advisories
CVE		CVE-2011-4404
19 Nov 201102:00
cve
Cvelist		CVE-2011-4404
19 Nov 201102:00
cvelist
Exploit DB		VMware - Update Manager Directory Traversal
21 Nov 201100:00
exploitdb
exploitpack		VMware - Update Manager Directory Traversal
21 Nov 201100:00
exploitpack
Metasploit		VMWare Update Manager 4 Directory Traversal
8 Jun 201509:58
metasploit
NVD		CVE-2011-4404
19 Nov 201103:58
nvd
Packet Storm		VMware Update Manager Directory Traversal
21 Nov 201100:00
packetstorm
Packet Storm		VMWare Update Manager 4 Directory Traversal
31 Aug 202400:00
packetstorm
Prion		Directory traversal
19 Nov 201103:58
prion
Rows per page
# Exploit Title:VMware Update Manager Directory Traversal
# Date:18/11/2011
# Author: Alexey Sintsov
# Software Link: http://www.vmware.com/
# Version:2.0.2
# Tested on: Windows 2003 / vCenter Update Manager 4.1 U1
# CVE : CVE-2011-4404
 
DSECRG-11-042 VMware Update Manager - Directory Traversal
 
 
Application: VMware Update Manager
Versions Affected: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4.0 prior to Update 4
Vendor URL: http://vmware.com
Bugs: Directory Traversal File Read
CVE: CVE-2011-4404
CVSS2: 7.8
Exploits: YES
Reported: 06.06.2010
Vendor response: 06.06.2010
Date of Public Advisory: 18.11.2011
Authors: Alexey Sintsov
Digital Security Research Group [DSecRG] (research [at] dsecrg [dot]com)
 
Description
********
Directory Traversal vulnerability was found in Jetty web server that is used by VMware Update manager.
 
Details
*******
Directory Traversal vulnerability was found in Jetty web server that is used by VUM.
With this vulnerability, an non-authenticated attacker can read any file on the server (with rights of the process).
 
Sample
******
http://<target>:9084/vci/downloads/.\..\..\..\..\..\..\..\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\rui.key
 
 
References
**********
 
http://dsecrg.com/pages/vul/show.php?id=342
http://www.vmware.com/security/advisories/VMSA-2011-0014.html
 
 
Fix Information
*************
 
Vendor make fix for this issue:
Fixed in Update Manager 5.0 Windows not affected
Fixed in Update Manager 4.1 Windows Update 2
Fixed in Update Manager 4.0 Windows Update 4



#  0day.today [2018-04-10]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Nov 2011 00:00Current
7.1High risk
Vulners AI Score7.1
EPSS0.63234
vmware update managerdirectory traversaljetty web servervulnerabilitynon-authenticated attackerfile readcve-2011-4404vumupdate manager 4.1update manager 4.0cve-2011-4404vulnerabilityadvisoryfix information
28