Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1361

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-1361
Last Modified 14 May 2013 10:39:19
Published 19 Mar 2008 08:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1361

Summary

VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.

Vulnerable Systems

Application

  • Vmware Ace 1.0

  • Vmware Ace 1.0.1

  • Vmware Ace 1.0.2

  • Vmware Ace 1.0.3

  • Vmware Ace 1.0.4

  • Vmware Ace 2.0

  • Vmware Player 1.0.2

  • Vmware Player 1.0.3

  • Vmware Player 1.0.4

  • Vmware Player 1.0.5

  • Vmware Player 2.0

  • Vmware Player 2.0.1

  • Vmware Player 2.0.2

  • Vmware Server 1.0.0

  • Vmware Server 1.0.1

  • Vmware Server 1.0.2

  • Vmware Server 1.0.3

  • Vmware Server 1.0.4

  • Vmware Workstation 5.5

  • Vmware Workstation 5.5.3 Build 34685

  • Vmware Workstation 5.5.3 Build 42958

  • Vmware Workstation 5.5.4

  • Vmware Workstation 5.5.4 Build 44386

  • Vmware Workstation 5.5.5

  • Vmware Workstation 6.0

  • Vmware Workstation 6.0.1

  • Vmware Workstation 6.0.2


References

CONFIRM - http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html

CONFIRM - http://www.vmware.com/support/server/doc/releasenotes_server.html

CONFIRM - http://www.vmware.com/support/player2/doc/releasenotes_player2.html

CONFIRM - http://www.vmware.com/support/player/doc/releasenotes_player.html

CONFIRM - http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2008-0005.html

BID - 28276

XF - vmware-authd-privilege-escalation(41257)

VUPEN - ADV-2008-0905

CONFIRM - http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

BUGTRAQ - 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

SECTRACK - 1019621

SREASON - 3755

MLIST - [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues

GENTOO - GLSA-201209-25


Last Updated: 27 May 2016 10:53:48