VMware OpenProcess Local Privilege Escalation Vulnerability
BID:30936
Info
VMware OpenProcess Local Privilege Escalation Vulnerability
| Bugtraq ID: | 30936 |
| Class: | Design Error |
| CVE: |
CVE-2008-3698 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 30 2008 12:00AM |
| Updated: | Sep 01 2008 07:55PM |
| Credit: | Sun Bing from McAfee, Inc. |
| Vulnerable: |
VMWare Workstation 5.5.8 build 108000 VMWare Workstation 5.5.8 VMWare Server 1.0.7 build 108231 VMWare Server 1.0.7 VMWare Player 1.0.8 build 108000 VMWare Player 1.0.8 VMWare ACE 1.0.7 build 108880 VMWare ACE 1.0.7 |
| Not Vulnerable: | |
Discussion
VMware OpenProcess Local Privilege Escalation Vulnerability
VMware OpenProcess is prone to a local privilege-escalation vulnerability.
An attacker can exploit this vulnerability to run arbitrary code on the host system with elevated privileges.
VMware OpenProcess is prone to a local privilege-escalation vulnerability.
An attacker can exploit this vulnerability to run arbitrary code on the host system with elevated privileges.
Exploit / POC
VMware OpenProcess Local Privilege Escalation Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
VMware OpenProcess Local Privilege Escalation Vulnerability
Solution:
The vendor has released an advisory and fixes. Please see the references for more information.
Solution:
The vendor has released an advisory and fixes. Please see the references for more information.