Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1126

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1126
Last Modified 19 Mar 2012 12:00:00
Published 04 Apr 2011 08:27:38
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1126

Summary

VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.

Vulnerable Systems

Application

  • Vmware Vix Api 1.0

  • Vmware Vix Api 1.1

  • Vmware Vix Api 1.1.1

  • Vmware Vix Api 1.1.2

  • Vmware Vix Api 1.1.3

  • Vmware Vix Api 1.1.4

  • Vmware Vix Api 1.1.5

  • Vmware Vix Api 1.6.0

  • Vmware Vix Api 1.6.1

  • Vmware Vix Api 1.7

  • Vmware Vix Api 1.8

  • Vmware Vix Api 1.8.1

  • Vmware Vix Api 1.9

  • Vmware Workstation 6.5.0

  • Vmware Workstation 6.5.1

  • Vmware Workstation 6.5.2

  • Vmware Workstation 6.5.3

  • Vmware Workstation 6.5.4

  • Vmware Workstation 6.5.5

  • Vmware Workstation 7.0

  • Vmware Workstation 7.0.1

  • Vmware Workstation 7.1

  • Vmware Workstation 7.1.1

  • Vmware Workstation 7.1.2

  • Vmware Workstation 7.1.3


References

XF - vmware-vmrun-privilege-escalation(66472)

VUPEN - ADV-2011-0816

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0006.html

BID - 47094

BUGTRAQ - 20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation

SECTRACK - 1025270

SREASON - 8173

SECUNIA - 43943

SECUNIA - 43885

MLIST - [security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation


Last Updated: 27 May 2016 10:56:11