This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote host has a virtualization application installed that is
affected by multiple vulnerabilities.
The version of VMware Workstation installed on the remote Windows host
is 10.x prior to 10.0.5. It is, therefore, affected by multiple
- An unspecified flaw exists that allows a local attacker
to escalate privileges or cause a denial of service
via an arbitrary write to a file. (CVE-2014-8370)
- An input validation error exists in the Host Guest File
System (HGFS) that allows a local attacker to cause a
denial of service of the guest operating system.
- An input validation error exists in the VMware
Authorization process (vmware-authd) that allows a
remote attacker to cause a denial of service of the host
operating system. (CVE-2015-1044)
- A denial of service vulnerability exists due to improper
validation of user-supplied input to a remote procedure
call (RPC) command. An unauthenticated, remote attacker
can exploit this, via a crafted command, to crash the
host or guest operating systems. (CVE-2015-2341)
See also :
Upgrade to VMware Workstation version 10.0.5 or later.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : false