SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#822476

VMware ESX Server management interface logs passwords in cleartext in a world-readable file

Overview

Certain versions of VMware ESX Server store passwords in a cleartext file that all users have read permissions to.

I. Description

Per the VMware ESX Server datasheet:

    ESX Server installs directly on the server hardware, or “bare metal,” and inserts a robust virtualization layer between the hardware and the operating system. ESX Server partitions a physical server into multiple secure and portable virtual machines that can run side by side on the same physical server.

VMware ESX server includes a web interface that can be used for remote management. On affected versions, when a user changes their password, the new credentials are recorded in the server logs as plain text files in directories that all users can read.

The affected versions of VMware ESX server are:
  • VMware ESX prior to 2.5.3 upgrade patch 2
  • VMware ESX prior to 2.1.3 upgrade patch 1
  • VMware ESX prior to 2.0.2 upgrade patch 1

II. Impact

Local users can read the passwords of any user who changed their password through the web interface.

III. Solution

Upgrade

VMware has issued upgrades that address this issue. Refer to VMware ESX Server 2.5.3 Upgrade Patch 2, VMware ESX Server 2.1.3 Upgrade Patch 1, or VMware ESX Server 2.0.2 Upgrade Patch 1 for more details.

Systems Affected

VendorStatusDate NotifiedDate Updated
VMwareVulnerable24-Aug-2006

References


http://secunia.com/advisories/21230/
http://kb.vmware.com/kb/2118366
http://www.vmware.com/download/esx/esx-253-200606-patch.html

Credit

Thanks to Corsaire for reporting this vulnerability.

This document was written by Ryan Giobbi.

Other Information

Date Public:2006-07-31
Date First Published:2006-08-24
Date Last Updated:2006-08-29
CERT Advisory: 
CVE-ID(s):CVE-2005-3620
NVD-ID(s):CVE-2005-3620
US-CERT Technical Alerts: 
Metric:0.31
Document Revision:38

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2006 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader