Lucene search
Copyright (C) 2016 Greenbone AGOPENVAS:1361412562310806755HistoryMay 20, 2016 - 12:00 a.m.
VMware Fusion Privilege Escalation Vulnerability (May 2016) - Mac OS X
2016-05-2000:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
14
3.9 Low
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%
VMware Fusion is prone to host privilege escalation vulnerability.
# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:vmware:fusion";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.806755");
script_version("2024-02-09T05:06:25+0000");
script_cve_id("CVE-2014-8370");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
script_tag(name:"creation_date", value:"2016-05-20 09:35:33 +0530 (Fri, 20 May 2016)");
script_name("VMware Fusion Privilege Escalation Vulnerability (May 2016) - Mac OS X");
script_tag(name:"summary", value:"VMware Fusion is prone to host privilege escalation vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The flaw is due to an arbitrary file write
issue.");
script_tag(name:"impact", value:"Successful exploitation would allow an attacker
to gain host OS privileges or cause a denial of service by modifying a
configuration file.");
script_tag(name:"affected", value:"VMware Fusion 6.x before 6.0.5 on
Mac OS X.");
script_tag(name:"solution", value:"Upgrade to VMware Fusion version
6.0.5 or later.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"http://www.vmware.com/security/advisories/VMSA-2015-0001.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/72338");
script_copyright("Copyright (C) 2016 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("General");
script_dependencies("secpod_vmware_fusion_detect_macosx.nasl");
script_mandatory_keys("VMware/Fusion/MacOSX/Version");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!vmwareVer = get_app_version(cpe:CPE))
exit(0);
if(vmwareVer =~ "^6\.") {
if(version_is_less(version:vmwareVer, test_version:"6.0.5")) {
report = report_fixed_ver(installed_version:vmwareVer, fixed_version:"6.0.5");
security_message(data:report);
exit(0);
}
}
Related
cve
cve
CVE-2014-8370
2015-01-29 18:59:00
prion
prion
Design/Logic Flaw
2015-01-29 18:59:00
jvn
jvn
JVN#88252465: Arbitrary files may be overwritten in multiple VMware products
2015-01-29 00:00:00
nessus
nessus
VMware Fusion 6.x < 6.0.5 / 7.x < 7.0.1 Multiple Vulnerabilities (VMSA-2015-0001)
2015-02-05 00:00:00
ESXi 5.0 < Build 1749766 Multiple Vulnerabilities (remote check)
2015-01-29 00:00:00
openvas
openvas
VMware Player Multiple Vulnerabilities (May 2016) - Windows
2016-05-20 00:00:00
VMware Player Multiple Vulnerabilities (May 2016) - Linux
2016-05-20 00:00:00
VMware Workstation Multiple Vulnerabilities (May 2016) - Windows
2016-05-20 00:00:00
vmware
vmware
kaspersky
kaspersky
KLA10452 Multiple vulnerabilities in VMware products
2015-01-27 00:00:00
3.9 Low
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.007 Low
EPSS
Percentile
80.6%
Related for OPENVAS:1361412562310806755