T-591: VMware vmrun Utility Lets Local Users Gain Elevated Privileges

March 30, 2011 - 3:05pm

PROBLEM:

A vulnerability was reported in VMware. A local user can obtain elevated privileges on the target system.

 

PLATFORM:

VMware Workstation 6.5.5 and 7.1.3 and prior; VIX API for Linux 1.10.2 and prior

ABSTRACT:
 

The VMware vmrun utility is susceptible to a local privilege escalation in non-standard configurations.

 

REFERENCE LINKS:

VM Advisory ID: VMSA-2011-0006
Secunia Advisory: SA43885
SecurityTracker Alert ID: 1025270
CVE-2011-1126
VM Post

 

IMPACT ASSESSMENT:

Medium
 

 

Discussion:

A security issue has been reported in VMware Workstation, which can be exploited by malicious, local users to gain potentially escalated privileges.

The issue is caused by the vmrun utility incorrectly loading libraries from a certain directory. This can be exploited to execute arbitrary code with the privileges of the user running vmrun by causing the utility to load a malicious shared library.

 

Impact:

The following versions are affected:
VMware VIX API for Linux 1.10.2 and earlier
VMware Workstation 7.1.3 on Linux and earlier
VMware Workstation 6.5.5 on Linux and earlier

VMware Linux-based vmrun utility local privilege escalation.

VMware vmrun is a utility that is used to perform various tasks on virtual machines. The vmrun utility runs on any platform with VIX libraries installed. It is installed in VMware Workstation by default.
In non-standard filesystem configurations, an attacker with the ability to place files into a predefined library path could take execution control of vmrun.
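
One way to check a Linux host for the kind of non-standard filesystem configuration described above, as an added example (not VMware's code and not part of the original bulletin). The bulletin does not name the library directory, so the directories to audit are passed on the command line; the function name `audit_library_dir` and its `trusted_uids` parameter are this example's own.

```python
import os
import stat
import sys


def audit_library_dir(path, trusted_uids=(0,)):
    """Return (directory, reason) findings for one library search directory.

    The directory and every ancestor are checked, because a writable ancestor
    lets a local user create or replace the directory beneath it.
    """
    findings = []
    current = os.path.realpath(path)  # audit the real location, not a symlink
    is_leaf, child_missing = True, False
    while True:
        try:
            st = os.stat(current)
        except (FileNotFoundError, NotADirectoryError):
            # A missing directory can be created by whoever can write its parent.
            findings.append((current, "missing"))
            st, child_missing = None, True
        if st is not None:
            writable = bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
            sticky = bool(st.st_mode & stat.S_ISVTX)
            if st.st_uid not in trusted_uids:
                findings.append((current, "owner not trusted"))
            # The sticky bit only protects existing entries of an ancestor;
            # it does not stop new files being dropped into the directory.
            if writable and (is_leaf or child_missing or not sticky):
                findings.append((current, "writable by group/other"))
            child_missing = False
        parent = os.path.dirname(current)
        if parent == current:  # reached the filesystem root
            return findings
        current, is_leaf = parent, False


if __name__ == "__main__":
    # Directories to audit come from the command line; the bulletin does not
    # name the affected path, so none is hard-coded here.
    for directory in sys.argv[1:]:
        for where, reason in audit_library_dir(directory):
            print(f"{directory}: {where}: {reason}")
```

An empty result for every directory in the search path means no group- or world-writable location was found between the filesystem root and the library directory.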

 

Solution:
 

VMware Workstation 7.1.4 is a maintenance release that resolves some security issues and known problems. It also adds support for Windows 7 SP1 and Ubuntu 10.10 guest and host operating systems.
VMware Security Fixes
VMware Knowledge Base

 
