By kannthu
The "Linux Vmware Vcenter - Local File Inclusion" module is designed to detect a local file inclusion vulnerability in Linux appliance-based VMware vCenter. The vulnerability is classified as CWE-22 and has a severity level of high, with a CVSS score of 7.5. The module identifies instances where vCenter is susceptible to local file inclusion.
This module was authored by PR3R00T.
Successful exploitation of the local file inclusion vulnerability in VMware vCenter can allow an attacker to access sensitive files on the system. This can lead to unauthorized disclosure of sensitive information and may facilitate further attacks on the affected system.
The module uses HTTP request templates and matching conditions to identify instances of the local file inclusion vulnerability in VMware vCenter. It sends a GET request to the "/eam/vib?id=/etc/passwd" path, attempting to retrieve the "/etc/passwd" file. The module then applies a regex matcher to check whether the response matches the pattern "root:.*:0:0:", which indicates the presence of the root user entry in the file.
The matcher is applied to all parts of the response, and the matcher condition is set to "and", so every condition must be met for a successful match.
It is important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform scanning and detection of various misconfigurations, vulnerabilities, and software fingerprints.
The maximum number of requests made by this module is limited to 1.
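From the defender's side, the request and matcher described above translate into a log and response check. The following is an added example, not part of the Vidoc module or of VMware's code: it assumes a combined-format access log in front of the appliance, and the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request field of a combined-format access log line (log format is an assumption).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# Matcher pattern quoted on the page, used here to triage a captured response body.
PASSWD_RE = re.compile(r"root:.*:0:0:")

# Constructed sample lines (documentation IP ranges, hypothetical benign id value).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /eam/vib?id=/etc/passwd HTTP/1.1" 200 1432',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /eam/vib?id=%252Fetc%252Fshadow HTTP/1.1" 404 0',
    '192.0.2.10 - - [01/Jan/2024:10:01:00 +0000] "GET /eam/vib?id=example-agent.vib HTTP/1.1" 200 20480',
    '192.0.2.10 - - [01/Jan/2024:10:02:00 +0000] "GET /ui/ HTTP/1.1" 200 512',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (for example %252F) for a few rounds."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious_id(value):
    """Flag id values that are absolute paths or contain directory traversal."""
    v = fully_decode(value).replace("\\", "/")
    return v.startswith("/") or "../" in v

def scan_access_log(lines):
    """Return one finding per request to /eam/vib with a path-like id value."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        if fully_decode(parts.path).rstrip("/") != "/eam/vib":
            continue
        for value in parse_qs(parts.query, keep_blank_values=True).get("id", []):
            if is_suspicious_id(value):
                findings.append({"line": lineno, "id": fully_decode(value),
                                 "status": int(m["status"])})
    return findings

def body_discloses_passwd(body):
    """True if a captured response body matches the page's matcher pattern."""
    return PASSWD_RE.search(body) is not None
```

A finding with status 200 is the one to escalate first; the response matcher confirms disclosure only if the body was captured, since access logs do not record it.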