ESXi 4.1 – Major Security Issue

On Thursday July 15th, a user raised a question on the VMTN forums regarding an ESXi 4.1 password issue. The problem was described as the following:

Hi all
It seems that authentication only requires the first 8 characters to be correct. My root password is 11 characters long, but so long as the first 8 characters are correct, I can put whatever I like after that and it still authenticates me. Tested this on three ESXi boxes, all running 260247 (release)

I performed a few quick tests to validate the user\’s claim and in fact this was the case with a new installation of ESXi 4.1

One thought on “ESXi 4.1 – Major Security Issue

Leave a Reply

Your email address will not be published.

%d bloggers like this: