VMware Products Multiple Vulnerabilities (VMSA-2008-0008)

medium Nessus Plugin ID 32503

Synopsis

The remote Windows host has an application that is affected by multiple issues.

Description

A VMware product installed on the remote host is affected by multiple vulnerabilities :

- A heap overflow vulnerability in VMware Host Guest File System (HGFS), could allow a guest to execute arbitrary code subject to the privileges of the user running 'vmx' process. In order to successfully exploit this issue a folder should be shared on the host system and sharing should be enabled, which is disabled by default.
(CVE-2012-2098)

- A vulnerability in Virtual Machine Communication Interface (VMCI), a 'experimental' feature designed for users building client-server applications, could allow a guest to execute arbitrary code subject to the privileges of the user running 'vmx' process. For successful exploitation of this issue VMCI feature should be enabled on the host. (CVE-2012-2099)

Solution

Upgrade to :

- VMware Workstation 6.0.4 or higher.
- VMware Player 2.0.4 or higher.
- VMware ACE 2.0.4 or higher.

See Also

https://www.vmware.com/security/advisories/VMSA-2008-0008.html

https://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

https://www.vmware.com/support/player2/doc/releasenotes_player2.html

https://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

Plugin Details

Severity: Medium

ID: 32503

File Name: vmware_multiple_vmsa_2008_0008.nasl

Version: 1.18

Type: local

Agent: windows

Family: Windows

Published: 6/3/2008

Updated: 3/27/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.5

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2008-2098

Vulnerability Information

CPE: cpe:/a:vmware:ace, cpe:/a:vmware:vmware_player, cpe:/a:vmware:vmware_workstation

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

Core Impact

Reference Information

CVE: CVE-2008-2098, CVE-2008-2099

BID: 29443, 29444

CWE: 119

VMSA: 2008-0008