SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Generic)  >   VMware vCenter
Vendors:   VMware
VMware vCenter Chargeback Manager File Upload Flaw Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1028653
SecurityTracker URL:  http://securitytracker.com/id/1028653
CVE Reference:   CVE-2013-3520
Date:  Jun 11 2013
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Chargeback Manager prior to 2.5.1
Description:   A vulnerability was reported in VMware vCenter Chargeback Manager. A remote user can execute arbitrary code on the target system.

A remote user can exploit a file upload flaw to execute arbitrary code on the target system.

Andrea Micalizzi, aka rgod, reported this vulnerability (via HP's Zero Day Initiative).

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (2.5.1).

The vendor's advisory is available at:

http://www.vmware.com/security/advisories/VMSA-2013-0008.html

Vendor URL:  www.vmware.com/security/advisories/VMSA-2013-0008.html
Cause:   Not specified
Underlying OS:  Windows (2003), Windows (2008)

Message History:   None.


 Source Message Contents

Subject:  [Security-announce] NEW VMSA-2013-0008 VMware vCenter Chargeback Manager Remote Code Execution

- -----------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID: VMSA-2013-0008
Synopsis:    VMware vCenter Chargeback Manager Remote Code Execution
Issue date:  2013-06-11
Updated on:  2013-06-11 (initial advisory)
CVE number:  CVE-2013-3520
- -----------------------------------------------------------------------

1. Summary

    The vCenter Chargeback Manager contains a critical vulnerability 
    that allows for remote code execution.

2. Relevant releases

    VMware vCenter Chargeback Manager prior to version 2.5.1

3. Problem Description 

   a. vCenter Chargeback Manager Remote Code Execution
       
      The vCenter Chargeback Manager (CBM) contains a flaw in its 
      handling of file uploads. Exploitation of this issue may 
      allow an unauthenticated attacker to execute code remotely.

      VMware would like to thank Andrea Micalizzi, aka rgod, for 
      reporting this issue to us through HP's Zero Day Initiative (ZDI).

      The Common Vulnerabilities and Exposures project (cve.mitre.org)
      has assigned the name CVE-2013-3520 to this issue. 

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is 
      available. 

        VMware          Product   Running   Replace with/
        Product         Version   on        Apply Patch
        =============   =======   =======   =================
        CBM             2.0.1     any       CBM 2.5.1
        CBM             2.5       any       CBM 2.5.1

4. Solution

      Please review the patch/release notes for your product and version 
      and verify the checksum of your downloaded file. 

     
      VMware vCenter Chargeback Manager
      ---------------------------

      Download link:
      https://downloads.vmware.com/d/info/it_business_management/vmware_vcenter_chargeback/2_5

      Release Notes:
      https://www.vmware.com/support/vcbm/doc/vcbm_2_5_1_release_notes.html

   
5. References

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3520


- -----------------------------------------------------------------------

6. Change log

   2013-06-11 VMSA-2013-0008
   Initial security advisory in conjunction with the release of 
   CBM 2.5.1 on 2013-06-11.

- -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
   
   This Security Advisory is posted to the following lists:
   
     * security-announce at lists.vmware.com
     * bugtraq at securityfocus.com
     * full-disclosure at lists.grok.org.uk
   
   E-mail:  security at vmware.com
   PGP key at: http://kb.vmware.com/kb/1055
   
   VMware Security Advisories
   http://www.vmware.com/security/advisories
   
   VMware security response policy
   http://www.vmware.com/support/policies/security_response.html
   
   General support life cycle policy
   http://www.vmware.com/support/policies/eos.html
   
   VMware Infrastructure support life cycle policy
   http://www.vmware.com/support/policies/eos_vi.html
   
   Copyright 2013 VMware Inc. All rights reserved.

_______________________________________________
Security-announce mailing list
Security-announce@lists.vmware.com
http://lists.vmware.com/mailman/listinfo/security-announce