Executive Summary
| Summary | |
|---|---|
| Title | - VMware product updates address multiple important security issues |
| Informations | |||
|---|---|---|---|
| Name | VMSA-2016-0010 | First vendor Publication | 2016-08-04 |
| Vendor | VMware | Last vendor Modification | 2016-09-19 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 4.4 | Attack Range | Local |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 3.4 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| a. DLL hijacking issue in Windows-based VMware Tools A DLL hijacking vulnerability is present in the VMware Tools "Shared Folders" (HGFS) feature running on Microsoft Windows. Exploitation of this issue may lead to arbitrary code execution with the privileges of the victim. In order to exploit this issue, the attacker would need write access to a network share and they would need to entice the local user into opening their document. There are no known workarounds for this issue. VMware would like to thank Yorick Koster of Securify B.V. for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-5330 to this issue. Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Running Replace with/ Product Version on Severity Apply Patch* Workaround =============== ======= ======= ======== ============= ========== ESXi*** 6.0 ESXi Important ESXi600-201603102-SG None ESXi*** 5.5 ESXi Important ESXi550-201608102-SG None ESXi*** 5.1 ESXi Important ESXi510-201605102-SG None ESXi*** 5.0 ESXi Important ESXi500-201606102-SG None VMware Workstation Pro 12.1.x Any Important 12.1.1 None VMware Workstation Player 12.1.x Any Important 8.1.1 None VMware Fusion 8.1.x Mac OS X Important 8.1.1 None VMware Tools 10.x, 9x Windows Important 10.0.6** None * After the update or patch is applied, VMware Tools must also be updated in any Windows-based guests that include the "Shared Folders" (HGFS) feature to resolve CVE-2016-5330. ** VMware Tools can be downloaded independently and installed to resolve this issue. *** Successfully exploiting this issue requires installation of "Shared Folders" component (HGFS feature) which does not get installed in "custom/typical" installation of VMware Tools on Windows VM running on ESXi. b. HTTP Header injection issue in vCenter Server and ESXi vCenter Server and ESXi contain an HTTP header injection vulnerability due to lack of input validation. An attacker can exploit this issue to set arbitrary HTTP response headers and cookies, which may allow for cross-site scripting and malicious redirect attacks. There are no known workarounds for this issue. VMware would like to thank Vladimir Ivanov, Andrey Evlanin, Mikhail Stepankin, Artem Kondratenko, Arseniy Sharoglazov of Positive Technologies, Matt Foster of Netcraft Ltd, Matthias Deeg of SySS GmbH, Eva Esteban Molina of A2secure and Ammarit Thongthua for independently reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-5331 to this issue. Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. |
Original Source
| Url : http://www.vmware.com/security/advisories/VMSA-2016-0010.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-426 | Untrusted Search Path |
| 50 % | CWE-93 | Failure to Sanitize CRLF Sequences ('CRLF Injection') |
CPE : Common Platform Enumeration
Metasploit Database
| id | Description |
|---|---|
| 2016-08-05 | DLL Side Loading Vulnerability in VMware Host Guest Client Redirector |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-08-12 | Name : A virtualization application installed on the remote Mac OS X host is affecte... File : macosx_fusion_vmsa_2016_0010.nasl - Type : ACT_GATHER_INFO |
| 2016-08-12 | Name : The remote VMware ESXi host is affected by multiple vulnerabilities. File : vmware_VMSA-2016-0010_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-08-12 | Name : A virtualization application installed on the remote host is affected by an a... File : vmware_player_linux_vmsa_2016_0010.nasl - Type : ACT_GATHER_INFO |
| 2016-08-12 | Name : A virtualization application installed on the remote host is affected by an a... File : vmware_player_win_vmsa_2016_0010.nasl - Type : ACT_GATHER_INFO |
| 2016-08-12 | Name : A virtualization application installed on the remote host is affected by an a... File : vmware_workstation_linux_vmsa_2016_0010.nasl - Type : ACT_GATHER_INFO |
| 2016-08-12 | Name : A virtualization application installed on the remote host is affected by an a... File : vmware_workstation_win_vmsa_2016_0010.nasl - Type : ACT_GATHER_INFO |
| 2016-08-11 | Name : A virtualization management application installed on the remote host is affec... File : vmware_vcenter_vmsa-2016-0010.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2020-05-23 13:17:15 |
|
| 2016-09-20 00:21:34 |
|
| 2016-08-13 13:26:56 |
|
| 2016-08-12 21:25:52 |
|
| 2016-08-12 13:23:55 |
|
| 2016-08-11 21:24:55 |
|
| 2016-08-08 09:25:32 |
|
| 2016-08-05 13:24:24 |
|
