‹‹ 上一主题 | 下一主题 ››
发新话题
打印

[转载]VMware Workstation Multiple Vulnerabilities

ring04h

疯狂小女人

团队执行官

Rank: 8Rank: 8

E.S.T核心成员 社区主管

帖子
3912 
精华
128 
积分
209617 
阅读权限
200 
性别
男 
在线时间
1060 小时 
注册时间
2007-10-23 
最后登录
2008-5-17 

资料收集奖 运营支持奖

楼主 发表于 2008-3-18 15:39  只看该作者

[转载]VMware Workstation Multiple Vulnerabilities

信息来源:邪恶八进制信息安全团队(www.eviloctal.com

Secunia Advisory: SA29413   
Release Date: 2008-03-17

Critical:
Less critical
Impact: Privilege escalation
DoS
Where: From remote
Solution Status: Vendor Patch

Software:VMware Workstation 6.x

CVE reference:CVE-2006-2940 (Secunia mirror)
CVE-2006-2937 (Secunia mirror)
CVE-2006-4343 (Secunia mirror)

Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!



Description:
Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to cause a DoS (Denial of Service).

1) A vulnerability in "authd" can be exploited by malicious, local users to gain escalated privileges.

For more information:
SA22130

2) Some vulnerabilities in OpenSSL can potentially be exploited by malicious people to cause a DoS.

For more information:
SA29412

The vulnerabilities are reported in versions prior to 6.0.3.

Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.

Solution:
Update to version 6.0.3.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

Other References:
SA22130:
http://secunia.com/advisories/22130/

SA29412:
http://secunia.com/advisories/29412/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

4 Related Secunia Security Advisories

1. VMware Products Shared Folders Directory Traversal Vulnerability
2. VMWare Products Multiple Vulnerabilities
3. VMware Products Multiple Vulnerabilities
4. VMware vmware-config.pl Insecure SSL Key File Permissions




[ 本帖最后由 ring04h 于 2008-3-18 15:40 编辑 ]

TOP

‹‹ 上一主题 | 下一主题 ››
发新话题