___________________________________________________________________
Insomnia Security Vulnerability Advisory: ISVA-080812.1
___________________________________________________________________

Name:              VMware VirtualCenter User Account Disclosure
Released:          12 August 2008
Vendor Link:       http://www.vmware.com
Affected Products: VirtualCenter 2.5
                   VirtualCenter 2.0.2
Original Advisory: http://www.insomniasec.com/advisories/ISVA-080812.1.htm
Researcher:        Brett Moore, Insomnia Security
                   http://www.insomniasec.com
___________________________________________________________________

_______________
Description
_______________

VMware VirtualCenter lets customers rapidly provision virtual machines and monitor the performance of physical servers and virtual machines. VirtualCenter optimizes resources, provides high availability to the applications running in virtual machines, and makes an IT environment more responsive through virtualization-based distributed services. VirtualCenter is often used by hosting environments that manage virtual server solutions for customers.

A vulnerability in the thick client management portal, in conjunction with the backend service, allows a user to gain access to functionality that they are not permitted to have.

_______________
Details
_______________

The thick client portal relied on enabling or disabling GUI controls as its only permission check: controls that a user was not authorized to use were simply greyed out in the client. The backend service did not perform any permission checking of its own on certain functions, so a user could re-enable the disabled functionality in the GUI and request user account information that they were not authorized to see.

The vendor advisory can be found archived at http://seclists.org/bugtraq/2008/Aug/0134.html

_______________
Solution
_______________

VMware has released a security update to address this issue:
http://www.vmware.com/support/vi3/doc/releasenotes_vc202u5.html

_______________
Legals
_______________

The information is provided for research and educational purposes only. Insomnia Security accepts no liability in any form whatsoever for any direct or indirect damages associated with the use of this information.
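_______________
Example
_______________

The flaw described under Details, reduced to a small illustration. This is an added example written for this page, not VMware or Insomnia Security code: the class names, the role names, the account list and the method `list_user_accounts` are all hypothetical. A thick client greys out a control for a low-privileged user; the vulnerable backend assumes the GUI already did the gating and returns the account list to anyone who re-enables the control, while the hardened backend checks the caller's role itself and refuses.

```python
"""Client-side-only authorization versus server-side enforcement.

Added illustration for the ISVA-080812.1 advisory. Nothing here is
VMware or VirtualCenter code; every name and record is hypothetical.
"""
from dataclasses import dataclass, field

# Constructed sample directory; not real VirtualCenter data.
USER_ACCOUNTS = [
    {"name": "vcadmin", "role": "Administrator"},
    {"name": "customer1", "role": "VirtualMachineUser"},
]

ADMIN_ROLE = "Administrator"


@dataclass
class Session:
    """Authenticated caller as the backend sees it (hypothetical)."""
    user: str
    roles: set = field(default_factory=set)


class VulnerableBackend:
    """Mirrors the advisory: the server trusts that the GUI hid the
    'User Accounts' control from non-admins, so it never checks."""

    def list_user_accounts(self, session: Session):
        return list(USER_ACCOUNTS)


class HardenedBackend:
    """Authorization is enforced where the data lives, per request."""

    def list_user_accounts(self, session: Session):
        if ADMIN_ROLE not in session.roles:
            raise PermissionError(
                f"{session.user} lacks {ADMIN_ROLE}; refusing account listing"
            )
        return list(USER_ACCOUNTS)


class ThickClient:
    """The management GUI: it disables the control for non-admins but
    still ships the code path that sends the request."""

    def __init__(self, backend, session: Session):
        self.backend = backend
        self.session = session
        # The only 'check' in the vulnerable design is this GUI flag.
        self.user_accounts_enabled = ADMIN_ROLE in session.roles

    def click_user_accounts(self):
        if not self.user_accounts_enabled:
            return None  # control is greyed out; nothing is sent
        return self.backend.list_user_accounts(self.session)

    def force_enable(self):
        # What the attacker does: flip the client-side flag (a debugger,
        # a patched binary, or simply calling the backend directly).
        self.user_accounts_enabled = True


def demo(backend_cls):
    """Run the attack against a backend class; return what the
    low-privileged user ends up with: the account list or 'denied'."""
    low_priv = Session("customer1", {"VirtualMachineUser"})
    client = ThickClient(backend_cls(), low_priv)
    assert client.click_user_accounts() is None  # greyed out at first
    client.force_enable()
    try:
        return client.click_user_accounts()
    except PermissionError:
        return "denied"


if __name__ == "__main__":
    print("vulnerable backend:", demo(VulnerableBackend))
    print("hardened backend:  ", demo(HardenedBackend))
```

The point the example makes is the one behind the advisory: the enabled/disabled state of a control is a usability hint that lives entirely in the attacker's process, so the service behind it must evaluate the caller's permissions on every request, regardless of what the client claims it was allowed to click.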