VMware Product Directory Traversal Vulnerability

Cause of vulnerability
Input validation error
 
Affected systems
VMWare Server 2.0.1 build 156745
VMWare Server 2.0.1
VMWare Server 1.0.9 build 156507
VMWare Server 1.0.9
VMWare Server 1.0.8 build 126538
VMWare Server 1.0.8
VMWare Server 1.0.7 build 108231
VMWare Server 1.0.7
VMWare Server 1.0.6 build 91891
VMWare Server 1.0.6
VMWare Server 1.0.5 Build 80187
VMWare Server 1.0.5
VMWare Server 1.0.4
VMWare Server 1.0.3
VMWare Server 1.0.2
VMWare Server 2.0
VMWare ESXi Server 3.5 ESXe350-20090440
VMWare ESXi Server 3.5
VMWare ESX Server 3.0.3
VMWare ESX Server 3.5 ESX350-200906407
VMWare ESX Server 3.5 ESX350-200904401
VMWare ESX Server 3.5
 
Unaffected systems
VMWare Server 2.0.2 Build 203138
VMWare Server 1.0.10 Build 203137
VMWare ESXi Server 3.5 ESXe350-20091040
VMWare ESX Server 3.0.3 ESX303-200812406-BG
VMWare ESX Server 3.5 ESX350-200910401
 
Impact
A remote attacker can exploit the vulnerability to obtain sensitive information.
 
Conditions required for attack
The attacker must be able to access the VMware product.
 
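Vulnerability information
VMware products contain a directory traversal vulnerability that allows arbitrary files on the host system to be retrieved. To send a malicious request, the attacker must be able to reach the network on which the host resides.
On ESX, the vulnerability can be exploited remotely if the attacker has access to the Service Console network.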
 
Test method
 
Vendor solution
Users can contact the vendor to upgrade to the following versions:
VMWare ESXi Server 3.5
VMWare ESXe350-200901401-O-SG.zip
ESXi 3.5 patch ESXe350-200901401-I-SG (Directory Traversal)
http://download3.vmware.com/software/vi/ESXe350-200901401-O-SG.zip
VMWare Server 1.0.9
VMWare VMware-server-1.0.10-203137.i386.rpm
VMware Server for Linux rpm
http://download3.vmware.com/software/vmserver/VMware-server-1.0.10-203137.i386.rpm
VMWare VMware-server-1.0.10-203137.tar.gz
VMware Server for Linux
http://download3.vmware.com/software/vmserver/VMware-server-1.0.10-203137.tar.gz
VMWare VMware-server-installer-1.0.10-203137.exe
VMware Server for Windows 32-bit and 64-bit
http://download3.vmware.com/software/vmserver/VMware-server-installer-1.0.10-203137.exe
VMWare VMware-server-linux-client-1.0.10-203137.zip
VMware Server Linux client package
http://download3.vmware.com/software/vmserver/VMware-server-linux-client-1.0.10-203137.zip
VMWare VMware-server-win32-client-1.0.10-203137.zip
VMware Server Windows client package
http://download3.vmware.com/software/vmserver/VMware-server-win32-client-1.0.10-203137.zip
VMWare ESX Server 3.0.3
VMWare ESX303-200812406-BG.zip
ESX 3.0.3 patch ESX303-200812406-BG (Directory Traversal)
http://download3.vmware.com/software/vi/ESX303-200812406-BG.zip
 
Vulnerability reported by
Justin Morehouse, Jason Kratzer
  
