VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)

Severity: High | Nessus Plugin ID 56958

Synopsis

An application on the remote web server has a directory traversal vulnerability.

Description

The version of the Jetty web server bundled with VMware vCenter Update Manager on the remote host has a directory traversal vulnerability.
This is a variant of the issue previously addressed by VMware advisory VMSA-2010-0012.

The web server runs as SYSTEM by default, so file system ACLs do not limit what the traversal can reach. A remote, unauthenticated attacker could exploit this to read arbitrary files from the host.
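The following is an added example, not code from the plugin, from Tenable, or from VMware, and it does not reproduce the request that Jetty mishandled. It shows the bug class behind this advisory from both sides: a classifier that recognises traversal spellings (forward slash, backslash, percent-encoded and double-encoded) for use over web access logs, and a resolver that decides on the canonical path rather than on the raw request, which is the property a fixed server has to provide. The document root, the log lines and the request paths are constructed for the example.

```python
"""Generic directory-traversal checks, added as an illustration of the bug class
in this advisory. The exact request that Jetty mishandled is not reproduced."""
import posixpath
import re
from urllib.parse import unquote


def decode_fully(raw: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, so that double-encoded
    sequences such as %252e%252e are reduced to their literal form."""
    current = raw
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    return current


def is_traversal_attempt(request_path: str) -> bool:
    """True if any path segment is '..' once encoding and backslashes are
    normalised. Backslash handling matters on Windows hosts, which is where
    this product's Jetty instance runs (as SYSTEM)."""
    normalised = decode_fully(request_path).replace("\\", "/")
    return any(seg == ".." for seg in normalised.split("/"))


def resolve_under_root(root: str, request_path: str):
    """Map a URL path to a file path under root, or return None if the
    canonical result escapes root. The decision is made on the canonical
    path, not on the raw request, so it does not depend on recognising
    every traversal spelling in advance."""
    root = posixpath.normpath(root)
    relative = decode_fully(request_path).replace("\\", "/").lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, relative))
    if candidate == root or candidate.startswith(root + "/"):
        return candidate
    return None


# Constructed access-log lines in Common Log Format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [18/Nov/2011:10:01:02 +0000] "GET /downloads/manifest.xml HTTP/1.1" 200 512
10.0.0.9 - - [18/Nov/2011:10:01:07 +0000] "GET /downloads/..%5c..%5c..%5cwindows/win.ini HTTP/1.1" 200 92
10.0.0.9 - - [18/Nov/2011:10:01:09 +0000] "GET /downloads/%252e%252e/%252e%252e/boot.ini HTTP/1.1" 404 0
10.0.0.5 - - [18/Nov/2011:10:01:12 +0000] "GET /downloads/a/../b.xml HTTP/1.1" 200 40
"""

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) \S+" (\d{3})')


def flag_traversal_requests(log_text: str):
    """Return (client, raw_path, status) for each request whose path contains
    a traversal segment. A 200 on such a request is the one to investigate;
    a 404 still shows that someone was probing."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal_attempt(m.group(3)):
            hits.append((m.group(1), m.group(3), int(m.group(4))))
    return hits


if __name__ == "__main__":
    for client, path, status in flag_traversal_requests(SAMPLE_LOG):
        print(f"{client} {status} {path}")
```

Note that `is_traversal_attempt` and `resolve_under_root` deliberately disagree on a request such as `/downloads/a/../b.xml`: the classifier flags it because it is worth a look in logs, while the resolver allows it because the canonical path stays inside the root. Deny-listing spellings is the detection side; canonicalise-then-compare is the server-side fix.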

Solution

Upgrade to vCenter Update Manager 4.1 Update 2 or 4.0 Update 4, or later.

See Also

http://web.archive.org/web/20160412032437/http://dsecrg.com/pages/vul/show.php?id=342

https://www.vmware.com/security/advisories/VMSA-2011-0014.html

Plugin Details

Severity: High

ID: 56958

File Name: vmware_vcenter_update_mgr_vmsa-2011-0014.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 2011/11/28

Updated: 2018/11/15

Dependencies: 56957

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vcenter_update_manager

Required KB Items: www/vcenter_update_mgr

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: false

Exploit Ease: No exploit is required

Patch Publication Date: 2011/11/17

Vulnerability Publication Date: 2011/11/17

Reference Information

CVE: CVE-2011-4404

BID: 50723

VMSA: 2011-0014

IAVA: 2011-A-0160

EDB-ID: 18138