Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 6.9
CVE Id: CVE-2008-0923
Last Modified: 07 Mar 2011 10:05:40
Published: 25 Feb 2008 07:44:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE

CVE-2008-0923

Summary

Directory traversal vulnerability in the Shared Folders feature for VMware ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.

Vulnerable Systems

Application

  • VMware ACE 1.0

  • VMware ACE 1.0.2

  • VMware ACE 2.0

  • VMware ACE 2.0.1

  • VMware ACE 2.0.2

  • VMware Player 1.0.1 Build 19317

  • VMware Player 1.0.2

  • VMware Player 1.0.3

  • VMware Player 1.0.4

  • VMware Workstation 4.5.2

  • VMware Workstation 5.5.3 Build 34685

  • VMware Workstation 5.5.4

  • VMware Workstation 6.0

  • VMware Workstation 6.0.1

  • VMware Workstation 6.0.2


References

VUPEN - ADV-2008-0905

VUPEN - ADV-2008-0679

SECTRACK - 1019493

BID - 27944

BUGTRAQ - 20080225 CORE-2007-0930 Path Traversal vulnerability in VMware's shared folders implementation

MISC - http://www.coresecurity.com/?action=item&id=2129

XF - vmware-sharedfolders-directory-traversal(40837)

CONFIRM - http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

CONFIRM - http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

CONFIRM - http://www.vmware.com/support/player2/doc/releasenotes_player2.html

CONFIRM - http://www.vmware.com/support/player/doc/releasenotes_player.html

CONFIRM - http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0005.html

BID - 28276

BUGTRAQ - 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

SREASON - 3700

SECUNIA - 29117

MLIST - [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

CONFIRM - http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034


Last Updated: 27 May 2016 10:46:58