Vulnerability Team: VMware Security Advisory

VMware Security Advisory

Posted: 30/3/11 by komz in Etiquetas: Local Privilege Escalation Vulnerability, updates, VMWare, VMware vmrun

The VMware vmrun utility is susceptible to a local privilege escalation in
non-standard configurations.

2. Relevant releases

VMware VIX API for Linux 1.10.2 and earlier

VMware Workstation 7.1.3 on Linux and earlier
VMware Workstation 6.5.5 on Linux and earlier

3. Problem Description

a. VMware Linux based vmrun utility local privilege escalation

VMware vmrun is a utility that is used to perform various tasks on virtual machines. The vmrun utility runs on any platform with VIX libraries installed. It is installed in VMware Workstation by default.

In non-standard filesystem configurations, an attacker with the ability to place files into a predefined library path, could take execution control of vmrun.

The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CVE-2011-1126 to this issue.

4.REFERENCE: VMware Security Advisory

The Vulnerability Team adviced to users and administrators to review and apply the updates notifications
necessary to help mitigate the risks.

source: vmware.com

Vulnerability Team

NIVEL DE VULNERABILIDADES

follow me on Twitter

SOCIAL NETWORK

FOLLOW US ON FACEBOOK

YOUR IP

TRADUCTOR

Herramientas ONLINE

BUSCADOR DE GOOGLE

CATEGORIAS

LINKS

LABELS

VMware Security Advisory

0 comentarios: