Описание
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-0518
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6376
- http://lists.vmware.com/pipermail/security-announce/2009/000054.html
- http://seclists.org/fulldisclosure/2009/Apr/0036.html
- http://secunia.com/advisories/34585
- http://www.securityfocus.com/bid/34373
- http://www.vmware.com/security/advisories/VMSA-2009-0005.html
- http://www.vupen.com/english/advisories/2009/0944
Связанные уязвимости
nvd
больше 16 лет назад
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.