Summary: | <app-emulation/vmware-{workstation-6.5.3,player-2.5.3,server-1.0.10.203137,server-2.0.2.23138} privilege escalation (CVE-2009-{2267,3707,3733}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | bmaas, vadimk |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.vmware.com/security/advisories/VMSA-2009-0015.html | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2009-12-18 00:41:06 UTC
I think we only need an ebuild for the stable series of vmware-server, 1.0.10.203137. CVE-2009-3707 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707): VMware Authentication Daemon 1.0 in vmware-authd.exe 6.5.3.8888 in the VMware Authorization Service 2.5.3 and earlier in VMware Workstation 6.5.3 build 185404, VMware Player 2.5.2 build 156735 and 2.5.3 build 185404, and VMware ACE 2.5.3 allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information. CVE-2009-3733 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733): Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors. (In reply to comment #1) > I think we only need an ebuild for the stable series of vmware-server, > 1.0.10.203137. > *vmware-server-1.0.10.203137 (18 Dec 2009) 18 Dec 2009; Vadim Kuznetsov <vadimk@gentoo.org> +vmware-server-1.0.10.203137.ebuild: Bug 297367 I have not run it nor tested it. Thanks. Hi Vadim, is this ok for stabilization now? (In reply to comment #4) > Hi Vadim, is this ok for stabilization now? I will try to find hardware and time to test it this week before I say yes or no. I had no luck last week. :( I have not invested much effort into vmware server 1, though. Any help is welcome! Thanks. Can it go stable now? Vulnerable versions have been removed. This issue was resolved and addressed in GLSA 201209-25 at http://security.gentoo.org/glsa/glsa-201209-25.xml by GLSA coordinator Sean Amoss (ackle). |