VMware Workstation 12.1.x < 12.1.1 Shared Folders (HGFS) Guest DLL Hijacking Arbitrary Code Execution (VMSA-2016-0010) (Linux)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

A virtualization application installed on the remote host is affected
by an arbitrary code execution vulnerability.

Description :

The version of VMware Workstation installed on the remote host is
12.1.x prior to 12.1.1. It is, therefore, affected by an arbitrary
code execution vulnerability in the Shared Folders (HGFS) feature due
to improper loading of Dynamic-link library (DLL) files from insecure
paths, including the current working directory, which may not be under
user control. A remote attacker can exploit this vulnerability, by
placing a malicious DLL in the path or by convincing a user into
opening a file on a network share, to inject and execute arbitrary
code in the context of the current user.

See also :

http://www.vmware.com/security/advisories/VMSA-2016-0010.html

Solution :

Upgrade to VMware Workstation 12.1.1 or later.

Note that VMware Tools on Windows-based guests that use the Shared
Folders (HGFS) feature must also be updated to completely mitigate the
vulnerability.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 92946 ()

Bugtraq ID: 92323

CVE ID: CVE-2016-5330

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now