VMSA-2013-0014 : VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation

High Nessus Plugin ID 71214

Synopsis

The remote VMware ESXi / ESX host is missing a security-related patch.

Description

a. VMware LGTOSYNC privilege escalation.

VMware ESX, Workstation and Fusion contain a vulnerability in the handling of control code in lgtosync.sys. A local malicious user may exploit this vulnerability to manipulate the memory allocation. This could result in a privilege escalation on 32-bit Guest Operating Systems running Windows 2000 Server, Windows XP or Windows 2003 Server on ESXi and ESX; or Windows XP on Workstation and Fusion.

The vulnerability does not allow for privilege escalation from the Guest Operating System to the host. This means that host memory can not be manipulated from the Guest Operating System.

VMware would like to thank Derek Soeder of Cylance, Inc. for reporting this issue to us.

The Common Vulnerabilityies and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3519 to this issue.

Solution

Apply the missing patch.

See Also

http://lists.vmware.com/pipermail/security-announce/2013/000226.html

Plugin Details

Severity: High

ID: 71214

File Name: vmware_VMSA-2013-0014.nasl

Version: 1.6

Type: local

Published: 2013/12/04

Updated: 2018/08/06

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.9

Temporal Score: 5.8

Vector: CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1, cpe:/o:vmware:esxi:4.0, cpe:/o:vmware:esxi:4.1, cpe:/o:vmware:esxi:5.0, cpe:/o:vmware:esxi:5.1

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/12/03

Reference Information

CVE: CVE-2013-3519

BID: 64075

VMSA: 2013-0014