Executive Summary
Summary | |
---|---|
Title | Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues |
Informations | |||
---|---|---|---|
Name | VMSA-2008-0008 | First vendor Publication | 2008-05-30 |
Vendor | VMware | Last vendor Modification | 2008-05-30 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.9 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. VMware HGFS File System Heap Overflow The VMware Host Guest File System (HGFS) shared folders feature allows users to transfer data between a guest operating system and the non-virtualized host operating system that contains it. A heap buffer overflow condition is present in VMware HGFS. Exploitation of this flaw might allow an unprivileged guest process to execute code in the context of the vmx process on the host. In order to exploit this vulnerability, the VMware system must have at least one folder shared. Two things must happen for a folder to be shared. 1) Shared folders must be enabled, and 2) a folder must be selected from the host system to be shared. No folders are shared by default in any version of our products, which means this vulnerability is not exploitable by default. Workstation 6.x, Player 2.x, and ACE 2.x have shared folders disabled by default. VMware Server, ESX and ESXi do not provide the shared folders feature. Because there is no back-end for the HGFS protocol on the virtualization host, these products are architecturally immune to this issue. This issue might not be exploitable on host operating systems which have implemented heap protection. VMware would like to thank Andrew Honig of the Department of Defense for reporting this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-2098 to this issue. b. Windows based VMCI arbitrary code execution vulnerability VMCI was introduced in VMware Workstation 6.0, VMware Player 2.0, and VMware ACE 2.0. It is an experimental, optional feature that allows virtual machines to communicate with one another. With VMCI enabled a guest may execute arbitrary code in the context of the vmx process on the host. This is a compiler dependent vulnerability and only affects systems running on windows hosts. VMware would like to thank Andrew Honig of the Department of Defense for reporting this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-2099 to this issues. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2008-0008.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2008-09-25 | Name : VMCI/HGFS VmWare Code Execution Vulnerability (Linux) File : nvt/gb_vmware_prdts_mult_vuln_lin.nasl |
2008-09-25 | Name : VMCI/HGFS VmWare Code Execution Vulnerability (Win) File : nvt/gb_vmware_prdts_mult_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45891 | VMware Multiple Products VMCI Arbitrary Local Code Execution |
45890 | VMware Multiple Products Host Guest File System (HGFS) Shared Folders Feature... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-10-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO |
2008-06-03 | Name : The remote Windows host has an application that is affected by multiple issues. File : vmware_multiple_vmsa_2008_0008.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:08 |
|
2013-12-14 21:19:30 |
|