back to article 7*7 = a simple equation for taking total control of multiple VMware-powered clouds

Ethical hacking firm Citadelo has explained a bug it discovered which allowed complete takeover of multiple VMware-powered clouds. The flaw, CVE-2020-3956, was thankfully patched in mid-May. We say thankfully because it impacted vCloud Director, the tool VMware recommends service providers use to run multiple clouds for their …

  1. jake Silver badge

    Oh, my ...

    "That was telling because it suggested something on the server side was capable of multiplication."

    Makes me wonder what other rookie errors there are lurking in VMware ... not that I have time to go looking, you understand.

    1. big_D Silver badge
      Facepalm

      Re: Oh, my ...

      Yes, you should be escaping input, especially names, not executing it...

  2. JeffB

    Windows sevens

    That tag line reminded me of a very old hack in Windows 3.51 and maybe even early editions of 95. Back in the day when Windows serial numbers did not contain any letters, somebody spotted that they were always divisible by 7, so you could just mash away at the 7 key, hit OK and you were licensed...

  3. BenDwire
    Joke

    42?

    I'm surprised that they didn't use ${6*7}, as that usually yields the answer to everything ...

    1. Steve Foster
      Joke

      Re: 42?

      You mean ${6*9} surely!

      1. Anonymous Coward
        Anonymous Coward

        Re: 42?

        Once you execute ${6*9} , you just have a mess to clean up.

  4. Will Godfrey Silver badge
    FAIL

    How?

    Can someone explain please.

    I simply cannot imagine coding even the simplest of user accessible systems without decent input sanitation.

    1. Claptrap314 Silver badge
      Pint

      Re: How?

      Congratulations! You now have this certificate that you have more sense than about 70% of programmers currently employed.

      As always, the beer is for crying in.

    2. jake Silver badge

      Re: How?

      Well, what do you expect when Management in the Corporate World is firing old programmers and hiring wet-behind-the-ears new graduates with absolutely zero street smarts? Throw in so-called "DevOps" and its insistence that QA can be dispensed with (as a money saving measure, don'tchaknow) along with Marketing's attitude of "just ship it, we don't care if it's useful to anybody, some schmuck will buy it!" and Bob's your Auntie.

      The proverbial thinking man can probably see that it's only going to get worse before it gets better ... and a techie with an entrepreneurial bent can undoubtedly figure out how to profit from this shortsightedness on the part of marketing and management.

  5. Anonymous Coward
    Joke

    Test.

    Dear Reg forum, what is [7*7]?

    (PS, joke alert or troll icon?)

    [Edit] Ah, the posts don't execute code then. And do you still have to be special to get html/bb code to even execute?

    1. diodesign (Written by Reg staff) Silver badge

      Re: Test.

      There should be no code execution! That would be a security vulnerability.

      C.

      1. Francis Boyle Silver badge

        I don't know

        Has any tried executing one of amanfromMars' posts.

        1. jake Silver badge

          Re: I don't know

          amfM's posts aren't executables, they are scripts and are parsed.

          1. amanfromMars 1 Silver badge

            Re: I don't know

            amfM's posts aren't executables, they are scripts and are parsed. .... jake

            I wouldn't be relying and putting any lives on the line that scripts are not executables, jake.

            And I'm not sure that I agree they are parsed either.

            1. jake Silver badge
              Pint

              Re: I don't know

              A script is not an executable in and of itself (not withstanding *nix parlance), rather it automates the execution of a task or tasks, some of which may be executables.

              You are quite correct. The proper parser is difficult to come by, so they probably aren't parsed as often as they ought to be. My bad.

              Make that "they are scripts and should be parsed" ... Beer?

              1. amanfromMars 1 Silver badge
                Pint

                Do they know what they are signed up for and getting into ? Methinks most definitely not

                Make that "they are scripts and should be parsed" ... Beer? .... jake

                Parsed by whom and/or what is then the question to be asked or avoided, jake, .... and to what end would logically follow in any civilised conversation over a pint or three.

                Can we expect the likes of the MOD newbies in the 13th Signal Regiment to be interested in such novel matters?

                I wonder if they have a virtual presence easily discovered which accepts emails with document attachments? If they haven't, does one have to conclude that the space they exercise in is too dangerous for them and catastrophically vulnerable to alternative input beyond their command and control for future output?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021