CVE-2008-1362
Summary
| CVE | CVE-2008-1362 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-03-20 00:44:00 UTC |
| Updated | 2018-10-11 20:32:00 UTC |
| Description | VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an "insecurely created named pipe," a different vulnerability than CVE-2008-1361. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vmware | Ace | 1.0 | All | All | All |
| Application | Vmware | Ace | 2.0 | All | All | All |
| Application | Vmware | Ace | 1.0 | All | All | All |
| Application | Vmware | Ace | 2.0 | All | All | All |
| Application | Vmware | Player | 1.0.2 | All | All | All |
| Application | Vmware | Player | 1.0.3 | All | All | All |
| Application | Vmware | Player | 1.0.4 | All | All | All |
| Application | Vmware | Player | 1.0.5 | All | All | All |
| Application | Vmware | Player | 2.0 | All | All | All |
| Application | Vmware | Player | 2.0.1 | All | All | All |
| Application | Vmware | Player | 2.0.2 | All | All | All |
| Application | Vmware | Player | 1.0.2 | All | All | All |
| Application | Vmware | Player | 1.0.3 | All | All | All |
| Application | Vmware | Player | 1.0.4 | All | All | All |
| Application | Vmware | Player | 1.0.5 | All | All | All |
| Application | Vmware | Player | 2.0 | All | All | All |
| Application | Vmware | Player | 2.0.1 | All | All | All |
| Application | Vmware | Player | 2.0.2 | All | All | All |
| Application | Vmware | Server | 1.0.3 | All | All | All |
| Application | Vmware | Server | 1.0.3 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.2 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.4 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.2 | All | All | All |
| Application | Vmware | Vmware Server | 1.0.4 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.5 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.2 | All | All | All |
| Application | Vmware | Vmware Workstation | 5.5.5 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.1 | All | All | All |
| Application | Vmware | Vmware Workstation | 6.0.2 | All | All | All |
| Application | Vmware | Workstation | 5.5 | All | All | All |
| Application | Vmware | Workstation | 5.5.3_build_34685 | All | All | All |
| Application | Vmware | Workstation | 5.5.3_build_42958 | All | All | All |
| Application | Vmware | Workstation | 5.5.4 | All | All | All |
| Application | Vmware | Workstation | 5.5.4_build_44386 | All | All | All |
| Application | Vmware | Workstation | 6.0 | All | All | All |
| Application | Vmware | Workstation | 5.5 | All | All | All |
| Application | Vmware | Workstation | 5.5.3_build_34685 | All | All | All |
| Application | Vmware | Workstation | 5.5.3_build_42958 | All | All | All |
| Application | Vmware | Workstation | 5.5.4 | All | All | All |
| Application | Vmware | Workstation | 5.5.4_build_44386 | All | All | All |
| Application | Vmware | Workstation | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityTracker.com Archives - VMware Windows Hosted Systems Named Pipe Bugs Let Local Users Gain Elevated Privileges | SECTRACK | securitytracker.com | |
| VMware Workstation 6 Release Notes | CONFIRM | www.vmware.com | Patch |
| VMware Player Release Notes | CONFIRM | www.vmware.com | Patch |
| Gentoo Linux Documentation -- VMware Player, Server, Workstation: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| VMSA-2008-0005.1 - VMware | CONFIRM | www.vmware.com | Patch |
| VMware Server Release Notes | CONFIRM | www.vmware.com | Patch |
| [Security-announce] VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues | MLIST | lists.vmware.com | Patch |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| VMware Workstation 5.5 Release Notes | CONFIRM | www.vmware.com | Patch |
| VMware ACE Release Notes | CONFIRM | www.vmware.com | Patch |
| VMware Player Release Notes | CONFIRM | www.vmware.com | Patch |
| SecurityReason - VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues | SREASON | securityreason.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| VMware Server 1.0.5 and Workstation 6.0.3 Multiple Vulnerabilities | BID | www.securityfocus.com | |
| Webmail - OVH | VUPEN | www.vupen.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.