|Category:||Denial of Service|
|Title:||VMware Server Multiple Cross-Site Scripting Vulnerabilities (Linux)|
|Summary:||Check for the version of VMware Server|
Overview: The host is installed with VMWare Server that is vulnerable to
multiple Cross-Site Scripting vulnerabilities.
- Multiple vulnerabilities can be exploited to disclose sensitive information,
conduct cross-site scripting attacks, manipulate certain data, bypass certain
security restrictions, cause a DoS, or compromise a user's system.
- Certain unspecified input passed to WebWorks help pages is not properly
sanitised before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context of an
Successful exploitation will lets attackers to cause a Denial of Service, or
compromise a user's system.
Impact Level: System/Application
VMware Server version 2.0.2 on Linux.
NOTE: Ignore this warning, if above mentioned patch is manually applied.
BugTraq ID: 37346|
Common Vulnerability Exposure (CVE) ID: CVE-2009-3731
Bugtraq: 20091215 VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues (Google Search)
Bugtraq: 20100304 CA20100304-01: Security Notice for CA SiteMinder (Google Search)
|Copyright||Copyright (C) 2009 SecPod|
|This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.