PT-2011-3368 · Vmware · Vmware Esxi+3
Published
2011-06-06
·
Updated
2014-11-14
·
CVE-2011-1787
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Workstation versions 7.1.x through 7.1.3
VMware Player versions 3.1.x through 3.1.3
VMware Fusion versions 3.1.x through 3.1.2
VMware ESXi versions 3.5 through 4.1
VMware ESX versions 3.0.3 through 4.1
Description
A race condition exists in the mount.vmhgfs component of the VMware Host Guest File System (HGFS), allowing guest OS users to gain privileges on the guest OS. This is achieved by mounting a filesystem on top of an arbitrary directory.
Recommendations
For VMware Workstation versions 7.1.x through 7.1.3, update to version 7.1.4 or later.
For VMware Player versions 3.1.x through 3.1.3, update to version 3.1.4 or later.
For VMware Fusion versions 3.1.x through 3.1.2, update to version 3.1.3 or later.
For VMware ESXi versions 3.5 through 4.1, apply the relevant patch or update.
For VMware ESX versions 3.0.3 through 4.1, apply the relevant patch or update.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Esxi
Vmware Fusion
Vmware Player
Vmware Workstation