Showing 1 - 3 of 3

CVE-2008-0967

Status Candidate

Overview

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.

Related Files

Gentoo Linux Security Advisory 201209-25: Posted Sep 30, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201209-25 - Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service.; tags | advisory, remote, denial of service, arbitrary, local, vulnerability; systems | linux, gentoo; advisories | CVE-2007-5269, CVE-2007-5503, CVE-2007-5671, CVE-2008-0967, CVE-2008-1340, CVE-2008-1361, CVE-2008-1362, CVE-2008-1363, CVE-2008-1364, CVE-2008-1392, CVE-2008-1447, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-2098, CVE-2008-2100, CVE-2008-2101, CVE-2008-4915, CVE-2008-4916, CVE-2008-4917, CVE-2009-0040, CVE-2009-0909, CVE-2009-0910, CVE-2009-1244, CVE-2009-2267, CVE-2009-3707, CVE-2009-3732, CVE-2009-3733; MD5 | 51bbb06deb17fab0f37713179ca258d1; Download | Favorite | Comments (0)

iDEFENSE Security Advisory 2008-06-04.4: Posted Jun 5, 2008; Authored by iDefense Labs | Site idefense.com; iDefense Security Advisory 06.04.08 - Local exploitation of an untrusted library path vulnerability in multiple products distributed by VMware Inc. could allow an attacker to execute arbitrary code with root privileges. The Linux version of VMware products include a program called 'vmware-authd', which is installed set-uid root. When this program is executed, it reads configuration options from the executing user's VMware configuration file. One such option allows the user to specify the directory in which to look for shared library modules needed by the program. By loading a specially crafted library, an attacker can execute arbitrary code with elevated privileges. iDefense confirmed the existence of this vulnerability in the following VMware products: VMware Workstation 6.0.2.59824 for Linux, VMware GSX Server 3.2.1.14497 for Linux, and VMware ESX Server 3.0.1.32039.; tags | advisory, arbitrary, local, root; systems | linux; advisories | CVE-2008-0967; MD5 | 2a3b23e6378730d10e8b9d874a596767; Download | Favorite | Comments (0)

VMware Security Advisory 2008-0009: Posted Jun 5, 2008; Authored by VMware | Site vmware.com; VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues.; tags | advisory; advisories | CVE-2007-5671, CVE-2008-0967, CVE-2008-2097, CVE-2008-2100, CVE-2006-1721, CVE-2008-0553, CVE-2007-5378, CVE-2007-4772, CVE-2008-0888, CVE-2008-0062, CVE-2008-0063, CVE-2008-0948; MD5 | 21a9f9bc9d12b67725e49cdbc7495422; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 58 files
Ubuntu 36 files
Debian 19 files
Ismail Tasdelen 18 files
LiquidWorm 14 files
Thierry Zoller 10 files
FULLSHADE 8 files
Slackware Security Team 6 files
hyp3rlinx 5 files
Harrison Neal 4 files

File Archives

Systems

AIX (416)
Apple (1,695)
BSD (363)
Cisco (1,880)
Debian (5,923)
Fedora (1,687)
FreeBSD (1,236)
Gentoo (3,733)
HPUX (870)
iOS (228)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (36,732)
Mac OS X (659)
Mandriva (3,105)
NetBSD (255)
OpenBSD (465)
RedHat (8,012)
Slackware (935)
Solaris (1,587)
SUSE (1,444)
Ubuntu (6,514)
UNIX (8,577)
UnixWare (177)
Windows (5,585)
Other

CVE-2008-0967

Overview

Related Files

File Archive:

January 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems