VMware Player 5.x < 5.0.3 LGTOSYNC.SYS Guest Privilege Escalation (VMSA-2013-0014)

High Nessus Plugin ID 71231

Synopsis

The remote host contains software with a known, local privilege escalation vulnerability.

Description

The installed version of VMware Player 5.x running on Windows is earlier than 5.0.3. It therefore reportedly contains a vulnerability in its handling in the LGTOSYNC.SYS driver. This issue could allow a local, malicious user to escalate privileges on 32-bit Guest Operating Systems running Windows XP.

Note that by exploiting this issue, a local attacker could elevate his privileges only on the Guest OS and not on the host.

Solution

Update to VMware Player 5.0.3 or later.

See Also

https://www.vmware.com/security/advisories/VMSA-2013-0014.html

Plugin Details

Severity: High

ID: 71231

File Name: vmware_player_priv_esc_vmsa_2013_0014.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 2013/12/05

Updated: 2019/11/27

Dependencies: 31728

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2013-3519

CVSS v2.0

Base Score: 7.9

Temporal Score: 5.8

Vector: CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:player

Required KB Items: SMB/Registry/Enumerated, VMware/Player/Path, VMware/Player/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/11/14

Vulnerability Publication Date: 2013/12/03

Reference Information

CVE: CVE-2013-3519

BID: 64075

VMSA: 2013-0014