VMware Products Multiple Vulnerabilities (VMSA-2008-0005)

This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
multiple issues.

Description :

VMware products installed on the remote host are affected by multiple
vulnerabilities :

- The 'authd' process is affected by a privilege
escalation vulnerability that could allow an attacker to
execute arbitrary code with system level privileges or
cause a denial of service condition.

- A feature in VMware workstation version 6.0.2 could
allow anonymous console access to guest host via VIX
API, which could result in unauthorized access. This
feature has been disabled in version 6.0.3.

- Windows based VMware hosts are affected by a privilege
escalation vulnerability. By manipulating 'config.ini'
an attacker may be able to gain elevated privileges by
hijacking the VMware VMX process.

- Multiple VMware products are affected by a directory
traversal vulnerability. If a Windows based VMware host
is configured to allow shared access from a guest host
to a folder on the Host system (HGFS), it may be
possible
to gain access to the Host file system from guest OS and
create/modify arbitrary executable files. VMware Server
is not affected by this vulnerability.

- Multiple VMware products hosted on a Windows 2000 host
are affected by a privilege escalation vulnerability.

- Multiple VMware products are vulnerable to a potential
denial of service attack.

See also :

http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html#603
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Solution :

Upgrade to :

- VMware Workstation 6.0.3/5.5.6 or higher.
- VMware Server 1.0.5 or higher.
- VMware Player 2.0.3/1.0.6 or higher.
- VMware ACE 2.0.3/1.0.5 or higher.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.5
(CVSS2#E:POC/RL:ND/RC:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now