Executive Summary

Summary
Title: VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability

Information
Name: VMSA-2011-0014
Vendor: VMware
Severity (Vendor): N/A
First vendor publication: 2011-11-17
Last vendor modification: 2011-11-17
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Impact subscore: NA
Exploitability subscore: NA
Environmental score: NA
Temporal score: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS base score: 5
CVSS impact score: 2.9
CVSS exploit score: 10
Attack range: Network
Attack complexity: Low
Authentication: None required

Detail

a. Directory traversal in third-party Jetty Web server component

VMware vSphere Update Manager is an automated patch management solution for VMware ESX hosts and Microsoft virtual machines. Update Manager embeds the Jetty Web server, which is a third-party component.

The way the Jetty Web Server in vSphere Update Manager is configured allows for directory traversal. This issue is a variant of the directory traversal issue that was addressed in earlier versions of vSphere Update Manager. See VMSA-2010-0012 for additional information.

VMware would like to thank Alexey Sintsov from Digital Security Research Group for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-4404 to this issue.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2011-0014.html

CWE : Common Weakness Enumeration

Percentage  Id      Name
100 %       CWE-16  Configuration

CPE : Common Platform Enumeration

Type         Description  Count
Application               6

ExploitDB Exploits

Date        Description
2011-11-21  VMware Update Manager Directory Traversal

Open Source Vulnerability Database (OSVDB)

Id     Description
54186  Jetty HTTP Server Document Root Traversal Arbitrary File Access

Jetty contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to the ResourceHandler and DefaultServlet's alias handling not properly sanitizing user input, specifically directory traversal style attacks (../../).

Information Assurance Vulnerability Management (IAVM)

Date        Description
2011-12-01  IAVM : 2011-A-0160 - Multiple Vulnerabilities in VMware vCenter Server 4.0 and vCenter Update Mana...
            Severity : Category I - VMSKEY : V0030769

Metasploit Database

Date        Description
2011-11-21  VMWare Update Manager 4 Directory Traversal

Nessus® Vulnerability Scanner

Date        Description
2011-11-28  Name : An application on the remote web server has a directory traversal vulnerability.
            File : vmware_vcenter_update_mgr_vmsa-2011-0014.nasl - Type : ACT_GATHER_INFO

Alert History

Date                 Information
2020-05-23 13:17:15  Multiple Updates
2015-06-10 21:26:00  Multiple Updates
2014-02-17 12:07:21  Multiple Updates
2014-01-03 17:19:09  Multiple Updates
2013-11-11 12:41:40  Multiple Updates