VMware Workstation < 5.5.5 and Server < 1.0.4 Multiple Vulnerabilities

Critical Nessus Plugin ID 26911


The remote Windows host has an application that is affected by multiple issues.


The version of VMware Workstation/Server installed on the remote host is affected by multiple vulnerabilities, including a privelege elevation vulnerability that allows a guest to take over a host and a buffer overflow vulnerability in the DHCP daemon.

The buffer overlflow in the DHCP server may allow a remote attacker to execute arbitrary code on the remote host with SYSTEM privileges.


Upgrade to VMware Workstation 6.0.1/5.5.5 or VMware Server 1.0.4.

See Also



Plugin Details

Severity: Critical

ID: 26911

File Name: vmware_ws_server_multiple.nasl

Version: $Revision: 1.15 $

Type: local

Agent: windows

Family: Windows

Published: 2007/10/04

Modified: 2016/11/29

Dependencies: 26201, 26200

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:server, cpe:/a:vmware:vmware_workstation

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4058, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497, CVE-2007-4591, CVE-2007-5023

BID: 25110, 25118, 25131, 25441, 25728, 25729, 25732

OSVDB: 40086, 40093, 40094, 40095, 40096, 40097, 40099, 40100, 42078

CWE: 22, 119, 189, 264, 399