VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
BID:69410
CVE-2014-4200 |Info
VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
| Bugtraq ID: | 69410 |
| Class: | Design Error |
| CVE: |
CVE-2014-4200 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 26 2014 12:00AM |
| Updated: | Aug 26 2014 12:00AM |
| Credit: | Dolev Farhi |
| Vulnerable: |
VMWare Tools 0 |
| Not Vulnerable: | |
Discussion
VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
VMware Support is prone to an insecure-file-permissions vulnerability.
A local attacker can exploit this issue to obtain sensitive information. This may aid in other attacks.
VMware Support 0.88 is vulnerable; other versions may also be affected.
VMware Support is prone to an insecure-file-permissions vulnerability.
A local attacker can exploit this issue to obtain sensitive information. This may aid in other attacks.
VMware Support 0.88 is vulnerable; other versions may also be affected.
Exploit / POC
VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
An attacker can exploit this issue using readily available tools.
An attacker can exploit this issue using readily available tools.
Solution / Fix
VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
VMware Support CVE-2014-4200 Insecure File Permissions Vulnerability
References:
References:
- VMware Homepage (VMware)