Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Advisory * +Thu Mar 16 02:45:55 EST 2006+ * Directory Transversal in VMware

From: sergio () undercafe cl
Date: Thu, 16 Mar 2006 07:46:01 +0000 (GMT)



Advisory * +Thu Mar 16 02:45:55 EST 2006+ * Directory Transversal in VMware




8=================D~~~~~~~~~~~~~~~~~~~~~~
[+] Background
8=================D~~~~~~~~~~~~~~~~~~~~~~
There was no identified background.
8=================D~~~~~~~~~~~~~~~~~~~~~~
[+] Description
8=================D~~~~~~~~~~~~~~~~~~~~~~
Remote exploitation of a directory traversal vulnerability in VMware could allow attackers to overwrite or view 
arbitrary files with user-supplied contents.

8=================D~~~~~~~~~~~~~~~~~~~~~~
[+] Workaround
8=================D~~~~~~~~~~~~~~~~~~~~~~
There had been no identified workarounds regarding the issue indentified.
8=================D~~~~~~~~~~~~~~~~~~~~~~
[+] CVE Information
8=================D~~~~~~~~~~~~~~~~~~~~~~
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-366369 to this issue

8=================D~~~~~~~~~~~~~~~~~~~~~~
Appendix A Vendor Information
8=================D~~~~~~~~~~~~~~~~~~~~~~
http://www.vmware.com/

8=================D~~~~~~~~~~~~~~~~~~~~~~
Appendix B References
8=================D~~~~~~~~~~~~~~~~~~~~~~
RFC 3818

8=================D~~~~~~~~~~~~~~~~~~~~~~
Contact
8=================D~~~~~~~~~~~~~~~~~~~~~~
SACAR1 sergio () undercafe cl

GSAE CEH CSFA SSP-MPA GIPS GHTQ GWAS CAP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: