Lucene search
This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.VMWARE_PLAYER_LINUX_VMSA_2018_0022.NASLHistoryAug 20, 2018 - 12:00 a.m.
VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022) (Linux)
2018-08-2000:00:00
This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
The version of VMware Player installed on the remote Linux host is 14.x prior to 14.1.3. It is, therefore, missing a security update that fixes an out-of-bounds write vulnerability.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(111975);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/01");
script_cve_id("CVE-2018-6973");
script_bugtraq_id(105094);
script_xref(name:"VMSA", value:"2018-0022");
script_name(english:"VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022) (Linux)");
script_summary(english:"Checks the VMware Player version.");
script_set_attribute(attribute:"synopsis", value:
"A virtualization application installed on the remote Linux host is
affected by an out-of-bounds write vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of VMware Player installed on the remote Linux host
is 14.x prior to 14.1.3. It is, therefore, missing a security
update that fixes an out-of-bounds write vulnerability.");
script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/us/security/advisories/VMSA-2018-022.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to VMware Player version 14.1.3 or later.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-6973");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/14");
script_set_attribute(attribute:"patch_publication_date", value:"2018/08/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:workstation");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"General");
script_copyright(english:"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("vmware_player_linux_installed.nbin");
script_require_keys("Host/VMware Player/Version");
script_exclude_keys("SMB/Registry/Enumerated");
exit(0);
}
include("vcf.inc");
var app = "VMware Player";
var app_info = vcf::get_app_info(app:app);
var constraints = [{'fixed_version' : '14.1.3'}];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vmware | workstation | cpe:/a:vmware:workstation |
Related
nessus
nessus
VMware Workstation 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-0022)
2018-08-20 00:00:00
VMware Player 14.x < 14.1.3 Out-of-Bounds Write (VMSA-2018-022)
2018-08-20 00:00:00
cve
cve
CVE-2018-6973
2018-08-15 12:29:00
zdi
zdi
VMware Workstation e1000 Buffer Overflow Privilege Escalation Vulnerability
2018-09-17 00:00:00
prion
prion
Out-of-bounds
2018-08-15 12:29:00
vmware
vmware
VMware Workstation and Fusion updates address an out-of-bounds write issue
2018-08-14 00:00:00
kaspersky
kaspersky
KLA11304 Multiple vulnerabilities in VMware products
2018-08-14 00:00:00
Related for VMWARE_PLAYER_LINUX_VMSA_2018_0022.NASL