Executive Summary
Summary | |
---|---|
Title | VMware Hosted products and patches for ESX and ESXi resolve two security issues |
Informations | |||
---|---|---|---|
Name | VMSA-2008-0018 | First vendor Publication | 2008-11-06 |
Vendor | VMware | Last vendor Modification | 2008-11-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
a. A privilege escalation on 32-bit and 64-bit guest operating systems VMware products emulate hardware functions and create the possibility to run guest operating systems. A flaw in the CPU hardware emulation might allow the virtual CPU to incorrectly handle the Trap flag. Exploitation of this flaw might lead to a privilege escalation on guest operating systems. An attacker needs a user account on the guest operating system and have the ability to run applications. VMware would like to thank Derek Soeder for discovering this issue and working with us on its remediation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-4915 to this issue. b. Directory traversal vulnerability VirtualCenter allows administrators to have fine-grained privileges. A directory traversal vulnerability might allow administrators to increase these privileges. In order to leverage this flaw, the administrator would need to have the Datastore.FileManagement privilege. VMware would like to thank Michel Toussaint for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-4281 to this issue. |
Original Source
Url : http://www.vmware.com/security/advisories/VMSA-2008-0018.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-264 | Permissions, Privileges, and Access Controls |
50 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6309 | |||
Oval ID: | oval:org.mitre.oval:def:6309 | ||
Title: | VMware CPU Hardware Emulation Bug Lets Local Users Gain Elevated Privileges | ||
Description: | The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4915 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6425 | |||
Oval ID: | oval:org.mitre.oval:def:6425 | ||
Title: | VMware ESX Administrative Directory Traversal Bug May Allow Administrators to Gain Elevated Privileges | ||
Description: | Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4281 | Version: | 3 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2008-12-15 | Name : VMware Products Trap Flag In-Guest Privilege Escalation Vulnerability (Linux) File : nvt/gb_vmware_prdts_inguest_prv_esc_vuln_lin.nasl |
2008-12-15 | Name : VMware Products Trap Flag In-Guest Privilege Escalation Vulnerability (Win) File : nvt/gb_vmware_prdts_inguest_prv_esc_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49947 | VMware ESX / ESXi Datastore.FileManagement Unspecified Traversal Privilege Es... |
49795 | VMware Multiple Products CPU Hardware Emulation Trap Flag Handling Guest OS U... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | PcVue SVUIGrd.ocx ActiveX function call access RuleID : 27112 - Revision : 5 - Type : BROWSER-PLUGINS |
2014-01-10 | PcVue SVUIGrd.ocx ActiveX clsid access RuleID : 27111 - Revision : 5 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-10-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201209-25.nasl - Type : ACT_GATHER_INFO |
2009-07-27 | Name : The remote VMware ESXi / ESX host is missing a security-related patch. File : vmware_VMSA-2008-0018.nasl - Type : ACT_GATHER_INFO |
2008-11-19 | Name : The remote Windows host has an application that is affected by multiple vulne... File : vmware_multiple_vmsa_2008_0018.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:07:10 |
|
2013-12-14 21:19:31 |
|