Secunia Security Advisory - Some vulnerabilities have been reported in VMware ESX and ESXi, which can be exploited by malicious, local users to gain escalated privileges.
c269dfabeae01ce463e2fa0763cc12cade015e77017220ed8967eb4977acd041
----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/
----------------------------------------------------------------------
TITLE:
VMware ESX / ESXi Privilege Escalation and Directory Traversal
Vulnerability
SECUNIA ADVISORY ID:
SA32624
VERIFY ADVISORY:
http://secunia.com/advisories/32624/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
VMware ESXi 3.x
http://secunia.com/advisories/product/19561/
VMware ESX Server 3.x
http://secunia.com/advisories/product/10757/
VMware ESX Server 2.x
http://secunia.com/advisories/product/2125/
DESCRIPTION:
Some vulnerabilities have been reported in VMware ESX and ESXi, which
can be exploited by malicious, local users to gain escalated
privileges.
1) A vulnerability in the CPU hardware emulation can be exploited by
malicious, local users to gain escalated privileges.
For more information:
SA32612
This vulnerability is reported in VMware ESX 2.5.4, 2.5.5, 3.0.2,
3.0.3, 3.5, and ESXi 3.5.
2) An unspecified input validation error can be exploited by
administrators to gain escalated privileges via directory traversal
attacks.
Successful exploitation requires that an administrator has the
"Datastore.FileManagement" privilege.
This vulnerability is reported in VMware ESX 3.5 and ESXi 3.5.
SOLUTION:
Update to the latest version or apply patches.
-- VMware ESXi --
ESXi 3.5:
Apply patch ESXe350-200810401-O-UG.
http://download3.vmware.com/software/vi/ESXe350-200810401-O-UG.zip
-- VMware ESX --
ESX 3.5:
Apply patch ESX350-200810201-UG.
http://download3.vmware.com/software/vi/ESX350-200810201-UG.zip
ESX 3.0.3:
Apply patch ESX303-200810501-BG.
http://download3.vmware.com/software/vi/ESX303-200810501-BG.zip
ESX 3.0.2:
Apply patch ESX-1006680.
http://download3.vmware.com/software/vi/ESX-1006680.tgz
VMware ESX 2.5.5:
Apply Patch 10.
http://download3.vmware.com/software/esx/esx-2.5.5-119702-upgrade.tar.gz
VMware ESX 2.5.4:
Apply Patch 21
http://download3.vmware.com/software/esx/esx-2.5.4-119703-upgrade.tar.gz
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Derek Soeder
2) Michel Toussaint
ORIGINAL ADVISORY:
VMSA-2008-0018:
http://lists.vmware.com/pipermail/security-announce/2008/000042.html
OTHER REFERENCES:
SA32612:
http://secunia.com/advisories/32612/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------