VMSA-2016-0001 : VMware ESXi, Workstation, Player, and Fusion updates address important guest privilege escalation vulnerability

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi host is missing a security-related patch.

Description :

Important Windows-based guest privilege escalation in VMware Tools

A kernel memory corruption vulnerability is present in the VMware Tools
'Shared Folders' (HGFS) feature running on Microsoft Windows. Successful
exploitation of this issue could lead to an escalation of privilege in
the guest operating system.

VMware would like to thank Dmitry Janushkevich from the Secunia
Research Team for reporting this issue to us.

Note: This vulnerability does not allow for privilege escalation from
the guest operating system to the host. Host memory can not be
manipulated from the guest operating system by exploiting this flaw.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2015-6933 to this issue.

Workarounds
Removing the 'Shared Folders' (HGFS) feature from previously installed
VMware Tools will remove the possibility of exploitation.

See also :

http://lists.vmware.com/pipermail/security-announce/2016/000316.html

Solution :

Apply the missing patch.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 87889 ()

Bugtraq ID:

CVE ID: CVE-2015-6933

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now