Executive Summary
Summary | |
---|---|
Title | VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities |
Informations | |||
---|---|---|---|
Name | VMSA-2010-0012 | First vendor Publication | 2010-07-19 |
Vendor | VMware | Last vendor Modification | 2010-07-19 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. VMware vCenter Update Manager Jetty Web server vulnerabilities VMware vCenter Update Manager is an automated patch management solution for VMware ESX hosts and Microsoft virtual machines. Update Manager embeds the Jetty Web server which is a third party component. The default version of the Jetty Web server in Update Manager is version 6.1.6 for which the following relevant vulnerabilities are reported. A directory traversal vulnerability in Jetty allows for obtaining files from the system where Update Manager is installed by a remote, unauthenticated attacker. The attacker would need to be on the same network as the system where Update Manager is installed. A cross-site scripting vulnerability in Jetty allows for running JavaScript in the browser of the user who clicks a URL containing a malicious request to Update Manager. For an attack to be successful the attacker would need to lure the user into clicking the malicious URL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-1523 and CVE-2009-1524 to these issues. VMware would like to thank Claudio Criscione of Secure Network for reporting these issues to us. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2010-0012.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
50 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-11-11 | Name : Mandriva Security Advisory MDVSA-2009:291 (jetty5) File : nvt/mdksa_2009_291.nasl |
2009-06-05 | Name : Fedora Core 9 FEDORA-2009-5500 (jetty) File : nvt/fcore_2009_5500.nasl |
2009-06-05 | Name : Fedora Core 11 FEDORA-2009-5509 (jetty) File : nvt/fcore_2009_5509.nasl |
2009-06-05 | Name : Fedora Core 10 FEDORA-2009-5513 (jetty) File : nvt/fcore_2009_5513.nasl |
2009-05-04 | Name : Jetty Cross Site Scripting and Information Disclosure Vulnerabilities File : nvt/jetty_34800.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
54187 | Jetty Directory Listing Semicolon Character XSS Jetty contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate content preceding a ";" for directory listing URLs. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
54186 | Jetty HTTP Server Document Root Traversal Arbitrary File Access Jetty contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to the ResourceHandler and DefaultServlet's alias handling not properly sanitizing user input, specifically directory traversal style attacks (../../). |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-11-28 | Name : An application on the remote web server has a directory traversal vulnerability. File : vmware_vcenter_update_mgr_vmsa-2011-0014.nasl - Type : ACT_GATHER_INFO |
2011-08-24 | Name : The remote web server has a cross-site scripting vulnerability. File : hadoop_jetty_xss.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote host has an update manager installed that is affected by multiple ... File : vmware_VMSA-2010-0012.nasl - Type : ACT_GATHER_INFO |
2010-07-29 | Name : The remote web server has a cross-site scripting vulnerability. File : vmware_vcenter_update_mgr_xss.nasl - Type : ACT_GATHER_INFO |
2009-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_jetty5-091109.nasl - Type : ACT_GATHER_INFO |
2009-10-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-291.nasl - Type : ACT_GATHER_INFO |
2009-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5500.nasl - Type : ACT_GATHER_INFO |
2009-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5509.nasl - Type : ACT_GATHER_INFO |
2009-05-27 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5513.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:16 |
|