__________________________________________________________________

 Insomnia Security Vulnerability Advisory: ISVA-080812.1
___________________________________________________________________

 Name: VMware - VirtualCenter User Account Disclosure
 Released: 12 August 2008
  
 Vendor Link: 
    http://www.vmware.com
  
 Affected Products:
     VirtualCenter 2.5
     VirtualCenter 2.0.2
 
 Original Advisory: 
    http://www.insomniasec.com/advisories/ISVA-080812.1.htm
 
 Researcher: 
    Brett Moore, Insomnia Security
    http://www.insomniasec.com
___________________________________________________________________

_______________

 Description
_______________

VMware VirtualCenter lets customers rapidly provision virtual
machines and monitor performance of physical servers and virtual 
machines. VirtualCenter intelligently optimizes resources, ensures 
high availability to all applications in virtual machines and makes 
your IT environment more responsive with virtualization-based 
distributed services.

VirtualCenter is often used by hosting environments that manage
virtual server solutions for customers.

A vulnerability in the thick client management portal, in conjunction
with the backend service, allows a user to gain access to 
functionality that they are not permitted to have.

_______________

 Details
_______________

The thick client portal relied on enabling and disabling GUI
functionality to enforce permission levels. The backend service did
not perform any permission checking on certain functions, so a user
who enabled the functionality in the GUI could request user account
information.
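
The flaw class described above, shown as an added example that is not
code from VMware or from the original advisory: a dispatcher that
trusts the client's GUI state beside one that authorises every request
on the server. All operation, role and account names are hypothetical.

```python
# Added illustration: operation, role and account names are hypothetical,
# not VirtualCenter's API. Sample data is constructed.
from collections import namedtuple

Session = namedtuple("Session", "user role")  # role is set server-side at login

ROLE_PRIVILEGES = {
    "administrator": {"vm.power", "accounts.read"},
    "customer": {"vm.power"},
}
ACCOUNTS = ["administrator", "customer-a", "customer-b"]
HANDLERS = {}  # operation name -> (required privilege, function)


class PermissionDenied(Exception):
    pass


def operation(name, privilege):
    """Register a handler together with the privilege it requires."""
    def register(fn):
        HANDLERS[name] = (privilege, fn)
        return fn
    return register


@operation("vm.power_on", "vm.power")
def power_on(session, args):
    return "powered on " + args["vm"]


@operation("accounts.list", "accounts.read")
def list_accounts(session, args):
    return sorted(ACCOUNTS)


def dispatch_unchecked(session, request):
    """'Before': assumes the client only sends what its GUI had enabled."""
    _, fn = HANDLERS[request["op"]]
    return fn(session, request.get("args", {}))


def dispatch_checked(session, request):
    """'After': every request is authorised here; unknown means denied."""
    privilege, fn = HANDLERS.get(request["op"], (None, None))
    if fn is None or privilege not in ROLE_PRIVILEGES.get(session.role, ()):
        raise PermissionDenied(f"{session.user}: {request['op']} denied")
    return fn(session, request.get("args", {}))
```

Because a handler can only be registered together with a privilege,
no individual function can be left without a check.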

The vendor advisory is archived at:
http://seclists.org/bugtraq/2008/Aug/0134.html

_______________

 Solution
_______________

VMware have released a security update to address this issue:
http://www.vmware.com/support/vi3/doc/releasenotes_vc202u5.html

_______________

 Legals
_______________

The information is provided for research and educational purposes
only. Insomnia Security accepts no liability in any form whatsoever
for any direct or indirect damages associated with the use of this
information.
