CVE

Id
14824  
CVE No.
CVE-2005-3620  
Status
Candidate  
Description
The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges.  
Phase
Assigned (20051116)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
113581 14824 CVE-2005-3620 BUGTRAQ:20060731 Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue  View
113582 14824 CVE-2005-3620 URL:http://www.securityfocus.com/archive/1/archive/1/441727/100/100/threaded  View
113583 14824 CVE-2005-3620 BUGTRAQ:20060801 VMSA-2006-0004 Cross site scripting vulnerability and other fixes  View
113584 14824 CVE-2005-3620 URL:http://www.securityfocus.com/archive/1/archive/1/441825/100/100/threaded  View
113585 14824 CVE-2005-3620 VULNWATCH:20060731 Corsaire Security Advisory - VMware ESX Server Password Disclosure in Log issue  View
113586 14824 CVE-2005-3620 MISC:http://www.corsaire.com/advisories/c051114-003.txt  View
113587 14824 CVE-2005-3620 CONFIRM:http://kb.vmware.com/kb/2118366  View
113588 14824 CVE-2005-3620 CERT-VN:VU#822476  View
113589 14824 CVE-2005-3620 URL:http://www.kb.cert.org/vuls/id/822476  View
113590 14824 CVE-2005-3620 BID:19249  View
113591 14824 CVE-2005-3620 URL:http://www.securityfocus.com/bid/19249  View
113592 14824 CVE-2005-3620 VUPEN:ADV-2006-3075  View
113593 14824 CVE-2005-3620 URL:http://www.vupen.com/english/advisories/2006/3075  View
113594 14824 CVE-2005-3620 SECUNIA:21230  View
113595 14824 CVE-2005-3620 URL:http://secunia.com/advisories/21230  View
113596 14824 CVE-2005-3620 XF:vmware-password-information-disclosure(28112)  View

Related JVN