Category:   Application (Generic)  >   VMware ESXi
Vendors:   VMware
VMware ESX Server URL-Based Password Change Function May Let Remote Users Change a Target User's Password in Certain Cases
SecurityTracker Alert ID:  1016612
SecurityTracker URL:
CVE Reference:   CVE-2005-3618
Date:  Jul 31 2006
Impact:   Modification of authentication information, Modification of user information

Version(s): prior to 2.5.3 upgrade patch 2, 2.1.3 upgrade patch 1, and 2.0.2 upgrade patch 1
Description:   A vulnerability was reported in VMware ESX Server. A remote user may be able to set arbitrary passwords for users.

In certain cases, a remote user can create a specially crafted URL that, when loaded by the target authenticated user, will cause the target user's password to be changed.

A demonstration exploit URL is of the following form:


Stephen de Vries of Corsair discovered this vulnerability.

The vendor was notified on November 15, 2005.

Impact:   A remote user can create a URL that, when loaded by the target user, will execute functions on behalf of the target user. This can be exploited, for example, to change a target user's password.
Solution:   The vendor has issued a fixed version.
Vendor URL:
Cause:   Access control error

Message History:   None.
