VMware Products Multiple Vulnerabilities (VMSA-2008-0014)

high Nessus Plugin ID 34156

Synopsis

The remote Windows host has an application that is affected by multiple issues.

Description

A VMware product installed on the remote host is affected by multiple vulnerabilities :

- ActiveX controls provided by VMware for IE could be exploited to cause a denial of service condition or execute arbitrary code on the remote system.
(CVE-2007-5438, CVE-2008-3691-CVE-2008-3696, CVE-2008-3892)

- Internet Server Application Programming Interface (ISAPI) extensions provided by VMware are affected by a remote denial of service vulnerability.
(CVE-2008-3697)

- Certain VMware products running as host systems are affected by a local privilege escalation vulnerability.
Successful exploitation of this issue would allow users to execute arbitrary code on the system.
(CVE-2008-3698)

- A flaw in VMware's CPU hardware emulation could result in privilege escalation on guest systems running on 64-bit operating systems. (CVE-2008-4279)

Solution

Upgrade to :

- VMware Workstation 6.0.5/5.5.8 or higher.
- VMware Player 2.0.5/1.0.8 or higher.
- VMware Server 1.0.7 or higher.
- VMware ACE 2.0.5/1.0.7 or higher.

See Also

http://www.nessus.org/u?5672f8ac

https://seclists.org/fulldisclosure/2008/Oct/51

https://www.vmware.com/security/advisories/VMSA-2008-0014.html

https://www.vmware.com/security/advisories/VMSA-2008-0016.html

Plugin Details

Severity: High

ID: 34156

File Name: vmware_multiple_vmsa_2008_0014.nasl

Version: 1.24

Type: local

Agent: windows

Family: Windows

Published: 9/10/2008

Updated: 3/27/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2008-3691

Vulnerability Information

CPE: cpe:/a:vmware:ace, cpe:/a:vmware:vmware_player, cpe:/a:vmware:vmware_server, cpe:/a:vmware:vmware_workstation

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2007-5438, CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2008-3696, CVE-2008-3697, CVE-2008-3698, CVE-2008-3892, CVE-2008-4279

BID: 26025, 30934, 30935, 30936, 31569

CWE: 119, 20, 264

Secunia: 31310, 31707, 31708, 31709

VMSA: 2008-0014