|
 |
|
VMware Products Multiple Vulnerabilities
|
|
|
|
|
Secunia Advisory:
|
SA29413
|
|
|
Release Date:
|
2008-03-17
|
|
Last Update:
|
2008-04-01
|
|
|
Critical:
|

Less critical
|
|
Impact:
|
Privilege escalation DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | VMware ACE 1.x VMWare ACE 2.x VMware Player 1.x VMWare Player 2.x VMware Workstation 5.x VMware Workstation 6.x
|
| | CVE reference: | CVE-2006-2940 (Secunia mirror) CVE-2006-2937 (Secunia mirror) CVE-2006-4339 (Secunia mirror) CVE-2006-4343 (Secunia mirror) CVE-2007-5269 (Secunia mirror) CVE-2007-5618 (Secunia mirror) CVE-2008-1340 (Secunia mirror) CVE-2008-1361 (Secunia mirror) CVE-2008-1362 (Secunia mirror) CVE-2008-1364 (Secunia mirror) CVE-2008-1392 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! |
|
|
Description: Some vulnerabilities have been reported in VMware products, which can be exploited by malicious, local users to gain escalated privileges or to cause a DoS (Denial of Service), and potentially by malicious people to bypass certain security restrictions or to cause a DoS.
1) Vulnerabilities in "authd" and the handling of named pipes can be exploited by malicious, local users to gain escalated privileges.
For more information:
SA29412
2) Some vulnerabilities in OpenSSL can potentially be exploited by malicious people to bypass certain security restrictions or to cause a DoS.
For more information:
SA21709
SA22130
3) Some vulnerabilities in libpng can potentially be exploited by malicious people to cause a DoS.
For more information:
SA27093
4) Improper registered services can be exploited to gain escalated privileges on Windows 2000 hosts.
This is related to vulnerability #6 in:
SA26890
5) An unspecified error in the DHCP service can be exploited to cause a DoS.
NOTE: This issue doesn't affect the latest versions of VMware Workstation 6.x, VMware Player 2.x, and ACE 2.x.
6) An error due to insecure file permissions on "config.ini" can be exploited by malicious, local users to gain escalated privileges.
For more information see vulnerability #3 in:
SA29412
7) An unspecified error in the Virtual Machine Communication Interface (VMCI) can be exploited to crash the host system.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution: VMware Workstation 6.x:
Update to version 6.0.3.
www.vmware.com/download/ws/
VMware Workstation 5.x:
Update to version 5.5.6.
www.vmware.com/download/ws/ws5.html
VMware ACE:
Update for version 2.0.3 or 1.0.5.
www.vmware.com/download/ace/
VMware Fusion 1.x:
Update to version 1.1.1.
www.vmware.com/download/fusion/
VMware Player:
Update to version 2.0.3 and 1.0.6
www.vmware.com/download/player/
Provided and/or discovered by: 4) The vendor credits Ray Hicken.
5) The vendor credits Martin O'Neal.
6) The vendor credits Sun Bing.
7) The vendor credits Andrew Honig, Department of Defense.
Changelog: 2008-03-18: Updated "Description" and "Solution" with additional information from the vendor. Added products to the list of affected software. Added links to "Other References" and "Original Advisory" sections. Added CVE references.
2008-03-25: Added CVE reference.
2008-04-01: Corrected version for VMware Workstation in "Solution".
Original Advisory: http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
Other References: SA21709:
http://secunia.com/advisories/21709/
SA22130:
http://secunia.com/advisories/22130/
SA26890:
http://secunia.com/advisories/26890/
SA27093:
http://secunia.com/advisories/27093/
SA29412:
http://secunia.com/advisories/29412/
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
6 Related Secunia Security Advisories
|
|
|
1. VMware Products Shared Folders Directory Traversal Vulnerability
|
|
2. VMWare Products Multiple Vulnerabilities
|
|
3. VMWare Workstation vstor-ws60.sys Denial of Service
|
|
4. VMware Products Multiple Vulnerabilities
|
|
5. VMware vmware-config.pl Insecure SSL Key File Permissions
|
|
6. VMware NAT Networking Buffer Overflow Vulnerability
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|

|
 |
Secunia PSI Scan | Patch | Track Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|