Detections
Analytics

VMware Fusion < 3.1.3 (VMSA-2011-0009 / VMSA-2011-0011)

high Nessus Plugin ID 54974

Language:

Synopsis

The remote host has a virtualization application affected by multiple vulnerabilities.

Description

The version of VMware Fusion installed on the Mac OS X host is earlier than 3.1.3. As such, it is reportedly affected by the following three security vulnerabilities :

 - An attacker with access to a Guest operating system can determine if a path exists in the Host filesystem and whether it's a file or a directory regardless of permissions. (CVE-2011-2146)

 - A race condition in mount.vmhgfs may allow an attacker with access to a Guest to mount on arbitrary directories in the Guest filesystem and escalate their privileges if they can control the contents of the mounted directory.
 (CVE-2011-1787)

 - A procedural error allows an attacker with access to a Solaris or FreeBSD Guest operating system to gain write access to an arbitrary file in the Guest filesystem.
 (CVE-2011-2145)

 - A buffer overflow in the way UDF file systems are handled could allow for code execution if a specially crafted ISO image is used. (CVE-2011-3868)

Note that the first three vulnerabilities only affect non-Windows guest operating systems.

Solution

Upgrade to VMware Fusion 3.1.3 or later.

In addition to patching, VMware Tools must be updated on all non- Windows guest VMs in order to completely mitigate certain vulnerabilities. Refer to the VMware advisory for more information.

See Also

http://www.vmware.com/security/advisories/VMSA-2011-0009.html

http://www.vmware.com/security/advisories/VMSA-2011-0011.html

http://lists.vmware.com/pipermail/security-announce/2011/000141.html

http://lists.vmware.com/pipermail/security-announce/2011/000145.html

Plugin Details

Severity: High

ID: 54974

File Name: macosx_fusion_3_1_3.nasl

Version: 1.11

Type: local

Agent: macosx

Published: 6/6/2011

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:vmware:fusion

Required KB Items: MacOSX/Fusion/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/2/2011

Vulnerability Publication Date: 6/2/2011

Exploitable With

Core Impact

Reference Information

CVE: CVE-2011-1787, CVE-2011-2145, CVE-2011-2146, CVE-2011-3868

BID: 48098, 49942