VMware Server 匿名VIX API调用漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1205190 漏洞类型 配置错误
发布时间 2001-10-16 更新时间 2008-09-05
CVE编号 CVE-2008-1392 CNNVD-ID CNNVD-200803-323
漏洞平台 N/A CVSS评分 10.0
|漏洞来源
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200803-323
|漏洞详情
VMwareServer是一款简单易用的服务器虚拟工具。VMwareServer中允许控制台来宾用户使用匿名VIXAPI调用,借用未明影响和攻击变量
|参考资料

来源:www.vmware.com
链接:http://www.vmware.com/support/player2/doc/releasenotes_player2.html
来源:www.vmware.com
链接:http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
来源:www.vmware.com
链接:http://www.vmware.com/security/advisories/VMSA-2008-0005.html
来源:XF
名称:vmware-vix-api-unspecified(41551)
链接:http://xforce.iss.net/xforce/xfdb/41551
来源:www.vmware.com
链接:http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
来源:BID
名称:28276
链接:http://www.securityfocus.com/bid/28276
来源:BUGTRAQ
名称:20080318VMSA-2008-0005UpdatedVMwareWorkstation,VMwarePlayer,VMwareServer,VMwareACE,andVMwareFusionresolvecriticalsecurityissues
链接:http://www.securityfocus.com/archive/1/archive/1/489739/100/0/threaded
来源:SREASON
名称:3755
链接:http://securityreason.com/securityalert/3755
来源:MLIST
名称:[security-announce]20080317VMSA-2008-0005UpdatedVMwareWorkstation,VMwarePlayer,VMwareServer,VMwareACE,andVMwareFusionresolvecriticalsecurityissues
链接:http://lists.vmware.com/pipermail/security-announce/2008/000008.html