VMware Player 7.x < 7.1.2 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (Linux)
Medium Nessus Plugin ID 87925
SynopsisA virtualization application installed on the remote host is affected by a guest privilege escalation vulnerability.
DescriptionThe version of VMware Player installed on the remote host is version 7.x prior to 7.1.2. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.
SolutionUpgrade to VMware Player 7.1.2 or later.
Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability.