3 results (0.002 seconds)

CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0

Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. Vulnerabilidad de salto de directorio en VMWare ESXi 3.5 anterior a ESXe350-200810401-O-UG y ESX 3.5 anterior a ESX350-200810201-UG; permite a los administradores con el privilegio Datastore.FileManagement, ganar privilegios a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2008/000042.html http://secunia.com/advisories/32624 http://www.securityfocus.com/archive/1/498138/100/0/threaded http://www.securityfocus.com/bid/32172 http://www.securitytracker.com/id?1021155 http://www.vmware.com/security/advisories/VMSA-2008-0018.html http://www.vupen.com/english/advisories/2008/3052 https://exchange.xforce.ibmcloud.com/vulnerabilities/46418 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ov • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0

The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x allows local users to cause a denial of service (shutdown) via the (1) halt, (2) poweroff, and (3) reboot scripts executed at the service console. • http://www.osvdb.org/21584 http://www.vmware.com/support/kb/enduser/std_adp.php?p_sid=dsxk%2ABWh&p_lva=&p_faqid=1817 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables. • http://www.osvdb.org/21585 http://www.vmware.com/download/esx/esx152-patch4.html http://www.vmware.com/support/kb/enduser/std_adp.php?p_sid=dsxk%2ABWh&p_lva=&p_faqid=1108 •