Vigil@nce: VMware, several vulnerabilities
September 2008 by Vigil@nce
Several vulnerabilities impact VMware ACE, ESX, Player, Server and
Workstation.
– Gravity: 2/4
– Consequences: administrator access/rights, client access/rights,
data reading, denial of service of service
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 01/09/2008
– Identifier: VIGILANCE-VUL-8076
IMPACTED PRODUCTS
– VMware ACE [confidential versions]
– VMware ESX Server [confidential versions]
– VMware Player [confidential versions]
– VMware Server [confidential versions]
– VMware Workstation [confidential versions]
DESCRIPTION
Several vulnerabilities impact VMware products.
Several vulnerabilities were announced in VMware ActiveX.
[grav:2/4; BID-30934, CVE-2007-5438, CVE-2008-3691, CVE-2008-3692,
CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2008-3696]
An attacker can create a denial of service on the IIS ISAPI
extension. [grav:2/4; BID-30935, CVE-2008-3697]
Under Windows, a local attacker can use OpenProcess to elevate his
privileges. [grav:2/4; BID-30936, CVE-2008-3698]
A local attacker can use the "ps" command to obtain the password
of VCB (VMware Consolidated Backup) tools. [grav:1/4; BID-30937,
CVE-2008-2101]
CHARACTERISTICS
– Identifiers: BID-30934, BID-30935, BID-30936, BID-30937,
CVE-2007-5438, CVE-2008-2101, CVE-2008-3691, CVE-2008-3692,
CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2008-3696,
CVE-2008-3697, CVE-2008-3698, VIGILANCE-VUL-8076, VMSA-2008-0014
– Url: https://vigilance.aql.fr/tree/1/8076