Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2145

Overview

Vulnerability Score 6.3 6.3
CVE Id CVE-2011-2145
Last Modified 13 Nov 2014 10:00:32
Published 06 Jun 2011 03:55:02
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2145

Summary

mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error."

Vulnerable Systems

Application

  • Vmware Esx 3.0.3

  • Vmware Esx 3.5

  • Vmware Esx 4.0

  • Vmware Esx 4.1

  • Vmware Esxi 3.5

  • Vmware Esxi 4.0

  • Vmware Esxi 4.1

  • Vmware Fusion 3.1

  • Vmware Fusion 3.1.1

  • Vmware Fusion 3.1.2

  • Vmware Player 3.1

  • Vmware Player 3.1.1

  • Vmware Player 3.1.2

  • Vmware Player 3.1.3

  • Vmware Workstation 7.1.1

  • Vmware Workstation 7.1.2

  • Vmware Workstation 7.1.3


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0009.html

SUSE - openSUSE-SU-2011:0617

XF - vmware-mountvmhgfs-privilege-esc(67815)

SECTRACK - 1025601

BID - 48098

SECUNIA - 44904

SECUNIA - 44840

Related Patches

VMware VMSA-2011-0011 VMware Fusion 3.1.3 for Mac (See Notes)


Last Updated: 27 May 2016 11:07:00