VMware Fusion < 2.0.6 (VMSA-2009-0013)

This script is Copyright (C) 2009-2011 Tenable Network Security, Inc.


Synopsis :

The remote host has an application that is affected by two security
issues.

Description :

The version of VMware Fusion installed on the Mac OS X host is earlier
than 2.0.6. Such versions are affected by two security issues :

- A vulnerability in the vmx86 kernel extension allows
an unprivileged userland program to initialize
several function pointers via the '0x802E564A' IOCTL
code, which can lead to arbitrary code execution in
the kernel context. (CVE-2009-3281)

- An integer overflow in the vmx86 kernel extension allows
for a denial of service of the host by an unprivileged
local user. (CVE-2009-3282)

See also :

http://lists.vmware.com/pipermail/security-announce/2009/000066.html
http://www.securityfocus.com/advisories/18019
http://www.securityfocus.com/archive/1/506891
http://www.securityfocus.com/archive/1/506893

Solution :

Upgrade to VMware Fusion 2.0.6 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 41971 (macosx_fusion_2_0_6.nasl)

Bugtraq ID: 36578
36579

CVE ID: CVE-2009-3281
CVE-2009-3282