Lucene search
Copyright (C) 2017 Greenbone AGOPENVAS:1361412562310810679HistoryApr 07, 2017 - 12:00 a.m.
VMware Player 'RPC Command' Denial of Service Vulnerability - Windows
2017-04-0700:00:00
Copyright (C) 2017 Greenbone AG
plugins.openvas.org
16
6.3 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.3%
VMware Player is prone to a denial of service (DoS) vulnerability.
# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:vmware:player";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.810679");
script_version("2024-02-15T05:05:40+0000");
script_cve_id("CVE-2015-2341");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
script_tag(name:"creation_date", value:"2017-04-07 17:39:57 +0530 (Fri, 07 Apr 2017)");
script_name("VMware Player 'RPC Command' Denial of Service Vulnerability - Windows");
script_tag(name:"summary", value:"VMware Player is prone to a denial of service (DoS) vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"The flaw is due to an input validation
issue on an RPC command.");
script_tag(name:"impact", value:"Successful exploitation will allow remote
attackers to conduct a denial of service condition.");
script_tag(name:"affected", value:"VMware Player 6.x before 6.0.6
on Windows.");
script_tag(name:"solution", value:"Upgrade to VMware Player version
6.0.6 or later.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"registry");
script_xref(name:"URL", value:"http://www.vmware.com/security/advisories/VMSA-2015-0004.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75094");
script_copyright("Copyright (C) 2017 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("Denial of Service");
script_dependencies("gb_vmware_prdts_detect_win.nasl");
script_mandatory_keys("VMware/Player/Win/Ver");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!vmwareVer = get_app_version(cpe:CPE)){
exit(0);
}
if(vmwareVer =~ "^6\.")
{
if(version_is_less(version:vmwareVer, test_version:"6.0.6"))
{
report = report_fixed_ver(installed_version:vmwareVer, fixed_version:"6.0.6");
security_message(data:report );
exit(0);
}
}
Related
nessus
nessus
VMware Player 6.x < 6.0.6 RPC Command DoS (VMSA-2015-0004) (Linux)
2015-06-16 00:00:00
VMware Fusion 6.x < 6.0.6 / 7.x < 7.0.1 RPC Command DoS
2015-06-16 00:00:00
VMware Workstation 10.x < 10.0.6 RPC Command DoS (VMSA-2015-0004) (Linux)
2015-06-16 00:00:00
prion
prion
Command injection
2015-06-13 14:59:00
openvas
openvas
VMware Player 'RPC Command' Denial of Service Vulnerability - Linux
2017-04-07 00:00:00
VMware Fusion 'RPC Command' Denial of Service Vulnerability - Mac OS X
2017-04-07 00:00:00
VMware Workstation Multiple Vulnerabilities (May 2016) - Linux
2016-05-20 00:00:00
cvelist
cvelist
CVE-2015-2341
2015-06-13 14:00:00
nvd
nvd
CVE-2015-2341
2015-06-13 14:59:04
cve
cve
CVE-2015-2341
2015-06-13 14:59:04
kaspersky
kaspersky
KLA10597 Multiple vulnerabilities in VMware products
2015-06-09 00:00:00
securityvulns
securityvulns
vmware
vmware
6.3 Medium
AI Score
Confidence
Low
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.008 Low
EPSS
Percentile
81.3%
Related for OPENVAS:1361412562310810679