Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: VMware, two vulnerabilities

November 2008 by Vigil@nce

SYNTHESIS

Two vulnerabilities of VMware can be used by an attacker to elevate his privileges.

Gravity: 2/4

Consequences: privileged access/rights

Provenance: user shell

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Number of vulnerabilities in this bulletin: 2

Creation date: 07/11/2008

Revision date: 10/11/2008

IMPACTED PRODUCTS

- VMware ACE
- VMware ESX Server
- VMware ESX Server 3i
- VMware Player
- VMware Server
- VMware VirtualCenter
- VMware Workstation

DESCRIPTION

Two vulnerabilities of VMware can be used by an attacker to elevate his privileges.

An attacker, in a guest system, can use the Trap flag of the CPU in order to elevate his privileges. Indeed, this flag is not reset after the CC ("INT 3") instruction. [grav:2/4; BID-32168, CVE-2008-4915]

An administrator of VirtualCenter with the Datastore.FileManagement privilege can elevate his privileges. [grav:1/4; BID-32172, CVE-2008-4281]

CHARACTERISTICS

Identifiers: BID-32168, BID-32172, CVE-2008-4281, CVE-2008-4915, VIGILANCE-VUL-8227, VMSA-2008-0018

http://vigilance.fr/vulnerability/8227




See previous articles

    

See next articles