Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20427
HistoryApr 01, 2011 - 12:00 a.m.

Linux平台上的VMware "vmrun"本地权限提升漏洞

2011-04-0100:00:00
Root
www.seebug.org
15

EPSS

0

Percentile

5.1%

JSON

BUGTRAQ ID: 47094
CVE ID: CVE-2011-1126

VMware VIX API可协作您编写虚拟机自动化操作的软件和脚本,运行程序或管理客户机操作系统中的文件。VMware Workstation是一款功能强大的桌面虚拟计算机软件,提供用户可在单一的桌面上同时运行不同的操作系统,和进行开发、测试 、部署新的应用程序的最佳解决方案。

Linux平台上的VMware "vmrun"在实现上存在本地权限提升漏洞,攻击者可利用此漏洞造成权限提升。

此漏洞源于vmrun程序错误地从某些目录中加载库,造成以当前运行vmrun的用户权限执行任意代码,使程序加载恶意共享库。

VMWare Workstation 7.x
VMWare Workstation 6.x
厂商补丁:

VMWare

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.vmware.com

Related

securityvulns 2
openvas 2
seebug 1
cvelist 1
vmware 2
cve 1
prion 1
nvd 1
securityvulns
securityvulns
VMSA-2011-0006 VMware vmrun utility local privilege escalation
2011-03-31 00:00:00
VMware privilege escalation
2011-03-31 00:00:00
openvas
openvas
VMware Workstation 'vmrun' Library Path Privilege Escalation Vulnerability (Linux)
2011-04-11 00:00:00
VMware Workstation 'vmrun' Library Path Privilege Escalation Vulnerability (VMSA-2011-0006) - Linux
2011-04-11 00:00:00
seebug
seebug
Red Hat Xen管理程序实现本地Guest拒绝服务漏洞
2011-06-02 00:00:00
cvelist
cvelist
CVE-2011-1126
2011-04-01 21:00:00
vmware
vmware
VMware vmrun utility local privilege escalation
2011-03-29 00:00:00
VMware vmrun utility local privilege escalation
2011-03-29 00:00:00
cve
cve
CVE-2011-1126
2011-04-04 12:27:38
prion
prion
Directory traversal
2011-04-04 12:27:00
nvd
nvd
CVE-2011-1126
2011-04-04 12:27:38

EPSS

0

Percentile

5.1%

JSON
Related for SSV:20427
securityvulns2openvas2seebug1cvelist1vmware2cve1prion1nvd1