Computer Security
[EN] no-pyccku

VMWare VirtualCenter information leak
SecurityVulns ID:9223
Threat Level:
Description:It's possible to obtain username information.
Affected:VMWARE : VirtualCenter 2.0
 VMWARE : VirtualCenter 2.5
CVE:CVE-2008-3514 (VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign permissions to other system users.")
Original documentdocumentVMWARE, VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability (15.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod