what you don't know can hurt you

VMware Security Advisory 2015-0001

VMware Security Advisory 2015-0001
Posted Jan 28, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0001 - VMware vCenter Server, ESXi, Workstation, Player and Fusion address several security issues.

tags | advisory
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-3660, CVE-2014-8370, CVE-2015-1043, CVE-2015-1044
MD5 | a45dda44dc108cb82a5e5d8f5a6e5a1a

VMware Security Advisory 2015-0001

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
VMware Security Advisory

Advisory ID: VMSA-2015-0001
Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion
updates address security issues
Issue date: 2015-01-27
Updated on: 2015-01-27 (Initial Advisory)
CVE number: CVE-2014-8370, CVE-2015-1043, CVE-2015-1044

--- OPENSSL---
CVE-2014-3513, CVE-2014-3567,CVE-2014-3566, CVE-2014-3568

--- libxml2 ---
CVE-2014-3660
- ------------------------------------------------------------------------

1. Summary

VMware vCenter Server, ESXi, Workstation, Player and Fusion address
several security issues.

2. Relevant Releases

VMware Workstation 10.x prior to version 10.0.5

VMware Player 6.x prior to version 6.0.5

VMware Fusion 7.x prior to version 7.0.1
VMware Fusion 6.x prior to version 6.0.5

vCenter Server 5.5 prior to Update 2d

ESXi 5.5 without patch ESXi550-201403102-SG, ESXi550-201501101-SG
ESXi 5.1 without patch ESXi510-201404101-SG
ESXi 5.0 without patch ESXi500-201405101-SG

3. Problem Description

a. VMware ESXi, Workstation, Player, and Fusion host privilege
escalation vulnerability

VMware ESXi, Workstation, Player and Fusion contain an arbitrary
file write issue. Exploitation this issue may allow for privilege
escalation on the host.

The vulnerability does not allow for privilege escalation from
the guest Operating System to the host or vice-versa. This means
that host memory can not be manipulated from the Guest Operating
System.

Mitigation

For ESXi to be affected, permissions must have been added to ESXi
(or a vCenter Server managing it) for a virtual machine
administrator role or greater.

VMware would like to thank Shanon Olsson for reporting this issue to
us through JPCERT.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2014-8370 to this issue.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5

Player 7.x any not affected
Player 6.x any 6.0.5

Fusion 7.x any not affected
Fusion 6.x any 6.0.5

ESXi 5.5 ESXi ESXi550-201403102-SG
ESXi 5.1 ESXi ESXi510-201404101-SG
ESXi 5.0 ESXi ESXi500-201405101-SG

b. VMware Workstation, Player, and Fusion Denial of Service
vulnerability

VMware Workstation, Player, and Fusion contain an input validation
issue in the Host Guest File System (HGFS). This issue may allow
for a Denial of Service of the Guest Operating system.

VMware would like to thank Peter Kamensky from Digital Security for
reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2015-1043 to this issue.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5

Player 7.x any not affected
Player 6.x any 6.0.5

Fusion 7.x any 7.0.1
Fusion 6.x any 6.0.5

c. VMware ESXi, Workstation, and Player Denial of Service
vulnerability

VMware ESXi, Workstation, and Player contain an input
validation issue in VMware Authorization process (vmware-authd).
This issue may allow for a Denial of Service of the host. On
VMware ESXi and on Workstation running on Linux the Denial of
Service would be partial.

VMware would like to thank Dmitry Yudin @ret5et for reporting
this issue to us through HP's Zero Day Initiative.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the identifier CVE-2015-1044 to this issue.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
Workstation 11.x any not affected
Workstation 10.x any 10.0.5

Player 7.x any not affected
Player 6.x any 6.0.5

Fusion 7.x any not affected
Fusion 6.x any not affected

ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi ESXi510-201410101-SG
ESXi 5.0 ESXi not affected

d. Update to VMware vCenter Server and ESXi for OpenSSL 1.0.1
and 0.9.8 package

The OpenSSL library is updated to version 1.0.1j or 0.9.8zc
to resolve multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2014-3513, CVE-2014-3567,
CVE-2014-3566 ("POODLE") and CVE-2014-3568 to these issues.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
vCenter Server 5.5 any Update 2d*
vCenter Server 5.1 any patch pending
vCenter Server 5.0 any patch pending

ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending

* The VMware vCenter 5.5 SSO component will be
updated in a later release

e. Update to ESXi libxml2 package

The libxml2 library is updated to version libxml2-2.7.6-17
to resolve a security issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2014-3660 to this issue.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======= ======= =================
ESXi 5.5 ESXi ESXi550-201501101-SG
ESXi 5.1 ESXi patch pending
ESXi 5.0 ESXi patch pending

4. Solution

Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.

VMware Workstation 10.x
--------------------------------
https://www.vmware.com/go/downloadworkstation

VMware Player 6.x
--------------------------------
https://www.vmware.com/go/downloadplayer

VMware Fusion 7.x and 6.x
--------------------------------
https://www.vmware.com/go/downloadplayer

vCenter Server
----------------------------
Downloads and Documentation:
https://www.vmware.com/go/download-vsphere

ESXi 5.5 Update 2d
----------------------------
File: update-from-esxi5.5-5.5_update01.zip
md5sum: 5773844efc7d8e43135de46801d6ea25
sha1sum: 6518355d260e81b562c66c5016781db9f077161f
http://kb.vmware.com/kb/2065832
update-from-esxi5.5-5.5_update01 contains ESXi550-201403102-SG

ESXi 5.5
----------------------------
File: ESXi550-201501001.zip
md5sum: b0f2edd9ad17d0bae5a11782aaef9304
sha1sum: 9cfcb1e2cf1bb845f0c96c5472d6b3a66f025dd1
http://kb.vmware.com/kb/2099265
ESXi550-201501001.zip contains ESXi550-201501101-SG

ESXi 5.1
----------------------------
File: ESXi510-201404001.zip
md5sum: 9dc3c9538de4451244a2b62d247e52c4
sha1sum: 6b1ea36a2711665a670afc9ae37cdd616bb6da66
http://kb.vmware.com/kb/2070666
ESXi510-201404001 contains ESXi510-201404101-SG

ESXi 5.0
----------------------------
File: ESXi500-201405001.zip
md5sum: 7cd1afc97f5f1e4b4132c90835f92e1d
sha1sum: 4bd77eeb5d7fc65bbb6f25762b0fa74fbb9679d5
http://kb.vmware.com/kb/2075521
ESXi500-201405001 contains ESXi500-201405101-SG

5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660

- ------------------------------------------------------------------------

6. Change log

2015-01-27 VMSA-2015-0001
Initial security advisory in conjunction with the release of VMware
Workstation 10.0.5, VMware Player 6.0.5, vCenter Server 5.5 Update 2d
and, ESXi 5.5 Patches released on 2015-01-27.

- ------------------------------------------------------------------------

7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce at lists.vmware.com
bugtraq at securityfocus.com
fulldisclosure at seclists.org

E-mail: security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

Consolidated list of VMware Security Advisories
http://kb.vmware.com/kb/2078735

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

Twitter
https://twitter.com/VMwareSRC

Copyright 2015 VMware Inc. All rights reserved.


-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.3.0 (Build 8741)
Charset: utf-8

wj8DBQFUx/+UDEcm8Vbi9kMRAmzrAKDG7u8ZTSlfQzU3eFphjebNgDkW2ACfZ9JE
c75UD0ctlJx5607JuLfnb6Y=
=IxpT
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close