ID de Prueba:	1.3.6.1.4.1.25623.1.0.100502
Categoría:	Remote file access
Título:	VMware Products Directory Traversal Vulnerability
Resumen:	VMWare product(s) are prone to a directory traversal vulnerability.
Descripción:	Summary: VMWare product(s) are prone to a directory traversal vulnerability. Vulnerability Insight: An error exists while handling certain requests can be exploited to download arbitrary files from the host system via directory traversal attacks. Vulnerability Impact: Successful exploitation will let the remote/local attacker to disclose sensitive information. Affected Software/OS: VMware Server version 2.0.x prior to 2.0.2 Build 203138, VMware Server version 1.0.x prior to 1.0.10 Build 203137 on Linux. Solution: Upgrade the VMWare product(s) according to the referenced vendor announcement. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3733 BugTraq ID: 36842 http://www.securityfocus.com/bid/36842 Bugtraq: 20091027 VMSA-2009-0015 VMware hosted products and ESX patches resolve two security issues (Google Search) http://www.securityfocus.com/archive/1/507523/100/0/threaded http://security.gentoo.org/glsa/glsa-201209-25.xml http://lists.vmware.com/pipermail/security-announce/2009/000069.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7822 http://securitytracker.com/id?1023088 http://securitytracker.com/id?1023089 http://secunia.com/advisories/37186 http://www.vupen.com/english/advisories/2009/3062
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.