VMware ESX / ESXi VMCI Privilege Escalation (VMSA-2013-0002) (remote check)

high Nessus Plugin ID 89662

Synopsis

The remote VMware ESX / ESXi host is missing a security-related patch.

Description

The remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by a privilege escalation vulnerability in the Virtual Machine Communication Interface (VMCI) due to improper handling of control code in vmci.sys. A local attacker can exploit this to change memory allocation, resulting in an escalation of privileges on Windows-based guest operating systems.

Note that systems with VMCI disabled are still affected by the vulnerability.

Solution

Apply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1.

See Also

https://www.vmware.com/security/advisories/VMSA-2013-0002.html

Plugin Details

Severity: High

ID: 89662

File Name: vmware_esx_VMSA-2013-0002_remote.nasl

Version: 1.4

Type: remote

Family: Misc.

Published: 3/4/2016

Updated: 11/15/2018

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx, cpe:/o:vmware:esxi

Required KB Items: Host/VMware/version, Host/VMware/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/7/2013

Vulnerability Publication Date: 2/7/2013

Exploitable With

Core Impact

Reference Information

CVE: CVE-2013-1406

BID: 57867

VMSA: 2013-0002