Computer Security

VMware ESXi authentication bypass

back  news / advisories / software / search /  forward
[EN] securityvulns.ru no-pyccku


VMware ESXi authentication bypass
Published:03.01.2011
Source:
SecurityVulns ID:11332
Type:remote
Threat Level:
5/10
Description:SFCB access without authentication is possible during update.
Affected:VMWARE : ESXi 4.1
CVE:CVE-2010-4573 (The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password.)
Original documentdocumentVMWARE, VMSA-2010-0020 VMware ESXi 4.1 Update Installer SFCB Authentication Flaw (03.01.2011)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod