Computer Security

VMWare VirtualCenter information leak
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



VMWare VirtualCenter information leak
Published:15.08.2008
Source:BUGTRAQ
SecurityVulns ID:9223
Type:remote
Level:4/10
Description:It's possible to obtain username information.
Affected:VMWARE : VirtualCenter 2.0
 VMWARE : VirtualCenter 2.5
CVE:CVE-2008-3514 (VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign permissions to other system users.")
Original documentdocumentVMWARE, VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability (15.08.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server