VMware Tools 9.x / 10.x < 10.1.0 Kernel Memory Address Disclosure (VMSA-2016-0017) (Mac OS X)
Low Nessus Plugin ID 94339
SynopsisA virtualization application installed on the remote macOS or Mac OS X host is affected by an information disclosure vulnerability.
DescriptionThe version of VMware Tools installed on the remote macOS or Mac OS X host is 9.x or 10.x prior to 10.1.0. It is, therefore, affected by an information disclosure vulnerability in the System Integrity Protection (SIP) feature. A local attacker can exploit this issue to obtain kernel memory addresses and thereby bypass the kASLR protection mechanism.
SolutionUpgrade to VMware Tools version 10.1.0 or later.