Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: VMware, several vulnerabilities

April 2009 by Vigil@nce

Several vulnerabilities impact VMware ACE, Player, Server and
Workstation.

 Severity: 2/4
 Consequences: administrator access/rights, data reading, data
creation/edition, denial of service of computer
 Provenance: user shell
 Means of attack: no proof of concept, no attack
 Ability of attacker: expert (4/4)
 Confidence: confirmed by the editor (5/5)
 Diffusion of the vulnerable configuration: high (3/3)
 Number of vulnerabilities in this bulletin: 8
 Creation date: 02/04/2009
 Revision date: 06/04/2009

IMPACTED PRODUCTS

 VMware ACE
 VMware ESX Server
 VMware ESX Server 3i
 VMware Player
 VMware Server
 VMware vCenter
 VMware VirtualCenter
 VMware Workstation

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities impact VMware products.

On Windows host, an attacker can use an IOCTL of hcmon.sys in
order to elevate his privileges. [grav:2/4; CVE-2009-1146,
Positive Technologies SA 2008-07, PT-2008-07]

On Windows host, an attacker can use an IOCTL of hcmon.sys in
order to create a denial of service (VIGILANCE-VUL-8042
(https://vigilance.fr/tree/1/8042)). [grav:1/4; BID-30737,
CVE-2008-3761]

On Windows host, an attacker can send a long authentication query
to the vmware-authd service in order to stop it
(VIGILANCE-VUL-8368 (https://vigilance.fr/tree/1/8368)).
[grav:2/4; BID-33095, CVE-2009-0177]

On Windows host or guest, an attacker can use vmci.sys (Virtual
Machine Communication Interface) to elevate his privileges.
[grav:2/4; CVE-2009-1147, Positive Technologies SA 2008-05,
PT-2008-05]

Two overflows of the VMnc codec can be used by an attacker to
execute code on the host. [grav:2/4; CVE-2009-0909, CVE-2009-0910,
TPTI-09-01, TPTI-09-02]

An attacker can re-enable an ACE Shared Folder of HGFS (Host Guest
File System). [grav:1/4; CVE-2009-0908]

An attacker in a guest system can use a device driver to stop the
host. [grav:1/4; CVE-2008-4916]

The VI Client keeps in its memory the VirtualCenter Server
password. [grav:1/4; CVE-2009-0518]

CHARACTERISTICS

 Identifiers: BID-30737, BID-33095, BID-34373, CVE-2008-3761,
CVE-2008-4916, CVE-2009-0177, CVE-2009-0518, CVE-2009-0908,
CVE-2009-0909, CVE-2009-0910, CVE-2009-1146, CVE-2009-1147,
Positive Technologies SA 2008-05, Positive Technologies SA
2008-07, PT-2008-05, PT-2008-07, TPTI-09-01, TPTI-09-02,
VIGILANCE-VUL-8592, VMSA-2009-0005
 Url: http://vigilance.fr/vulnerability/VMware-several-vulnerabilities-8592


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts