| VMSA-2006-0004, Several Security Issues Affecting ESX Server 2.5.x |
| Wednesday, 02 August 2006 | |
| Problem Description: 1. An unauthorized user could potentially construct a specially crafted URL that might change a known user's password. The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2005-3618 to this issue. 2. A local user could view potentially sensitive information. The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2005-3620 to this issue. 3. If an attacker can gain access to browser cookies by any mechanism, such as through a cross-site scripting attack, then they could acquire not only the session ID, but also the authentication credentials. The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-2481 to this issue. Note: This issue was fixed in ESX Server 2.5.3, ESX Server 2.5.2 Patch 4, and ESX Server 2.0.2 and later. |
