ESXi 5.1 < Build 3070626 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)

Medium Nessus Plugin ID 87941


The remote VMware ESXi 5.1 host is affected by a guest privilege escalation vulnerability.


The remote VMware ESXi 5.1 host is prior to build 3070626. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders (HGFS) feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation of privileges.


Apply patch ESXi510-201510102-SG according to the vendor advisory.

Note that VMware Tools in any Windows-based guests that use the Shared Folders (HGFS) feature must also be updated to completely mitigate the vulnerability.

See Also

Plugin Details

Severity: Medium

ID: 87941

File Name: vmware_esxi_5_1_build_3070626_remote.nasl

Version: $Revision: 1.8 $

Type: remote

Family: Misc.

Published: 2016/01/15

Modified: 2017/06/12

Dependencies: 57396

Risk Information

Risk Factor: Medium


Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esxi:5.1

Required KB Items: Host/VMware/version, Host/VMware/release

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/01/07

Vulnerability Publication Date: 2016/01/07

Reference Information

CVE: CVE-2015-6933

OSVDB: 132670

VMSA: 2016-0001

IAVB: 2016-B-0014