a. Insecure library loading through LD_LIBRARY_PATH
VMware vCenter Server contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation.
Note: In order to exploit this issue an attacker should be able to trick the admin to execute wrapper scripts from a world writable directory.
VMware would like to thank Thorsten TΓΌllmann, researcher at Karlsruhe Institute of Technology for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4921 to this issue.
Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
CPE | Name | Operator | Version |
---|---|---|---|
vcenter server | lt | 6.5 U1 | |
vmware tools | lt | 10.0.9 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4923
kb.vmware.com/kb/2078735
lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
www.vmware.com/security/advisories
blogs.vmware.com/security
docs.vmware.com/en/VMware-vSphere/index.html
kb.vmware.com/kb/1055
my.vmware.com/web/vmware/details?downloadGroup=VC65U1&productId=614&rPId=17343
my.vmware.com/web/vmware/details?productId=491&downloadGroup=VMTOOLS1009
twitter.com/VMwareSRC
www.vmware.com/support/policies/lifecycle.html
www.vmware.com/support/policies/security_response.html