ID CVE-2008-4917
Summary Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.
References
Vulnerable Configurations
  • cpe:2.3:a:vmware:esxi:3.5
    cpe:2.3:a:vmware:esxi:3.5
  • VMware Player 1.0.0
    cpe:2.3:a:vmware:player:1.0.0
  • VMware Player 1.0.1
    cpe:2.3:a:vmware:player:1.0.1
  • VMware Player 1.0.2
    cpe:2.3:a:vmware:player:1.0.2
  • VMware Player 1.0.3
    cpe:2.3:a:vmware:player:1.0.3
  • VMWare Player 1.0.4
    cpe:2.3:a:vmware:player:1.0.4
  • VMware Player 1.0.5
    cpe:2.3:a:vmware:player:1.0.5
  • VMware Player 1.0.5
    cpe:2.3:a:vmware:player:1.0.5_build_56455
  • VMware Player 1.0.6
    cpe:2.3:a:vmware:player:1.0.6
  • VMware Player 1.0.7
    cpe:2.3:a:vmware:player:1.0.7
  • VMware Player 1.0.8
    cpe:2.3:a:vmware:player:1.0.8
  • VMWare Player 2.0
    cpe:2.3:a:vmware:player:2.0
  • VMware Player 2.0.1
    cpe:2.3:a:vmware:player:2.0.1
  • VMware Player 2.0.1
    cpe:2.3:a:vmware:player:2.0.1_build_55017
  • VMware Player 2.0.2
    cpe:2.3:a:vmware:player:2.0.2
  • VMware Player 2.0.3
    cpe:2.3:a:vmware:player:2.0.3
  • VMware Player 2.0.4
    cpe:2.3:a:vmware:player:2.0.4
  • VMware Player 2.0.5
    cpe:2.3:a:vmware:player:2.0.5
  • VMWare VMware Server 1.0
    cpe:2.3:a:vmware:server:1.0
  • VMWare Server 1.0.1
    cpe:2.3:a:vmware:server:1.0.1
  • VMWare VMware Server 1.0.1.29996
    cpe:2.3:a:vmware:server:1.0.1_build_29996
  • VMWare Server 1.0.2
    cpe:2.3:a:vmware:server:1.0.2
  • VMWare Server 1.0.3
    cpe:2.3:a:vmware:server:1.0.3
  • VMWare Server 1.0.4
    cpe:2.3:a:vmware:server:1.0.4
  • VMWare VMware Server 1.0.4.56528
    cpe:2.3:a:vmware:server:1.0.4_build_56528
  • VMWare Server 1.0.5
    cpe:2.3:a:vmware:server:1.0.5
  • VMWare Server 1.0.6
    cpe:2.3:a:vmware:server:1.0.6
  • VMWare Server 1.0.7
    cpe:2.3:a:vmware:server:1.0.7
  • VMWare Server 1.0.8
    cpe:2.3:a:vmware:server:1.0.8
  • VMWare Server 1.0.9
    cpe:2.3:a:vmware:server:1.0.9
  • VMWare VMWare 5.5
    cpe:2.3:a:vmware:workstation:5.5
  • VMWare VMWare Workstation 5.5.0 build13124
    cpe:2.3:a:vmware:workstation:5.5.0_build_13124
  • VMWare VMWare Workstation 5.5.1
    cpe:2.3:a:vmware:workstation:5.5.1
  • VMWare VMWare Workstation 5.5.1 build19175
    cpe:2.3:a:vmware:workstation:5.5.1_build_19175
  • VMWare VMWare 5.5.2
    cpe:2.3:a:vmware:workstation:5.5.2
  • VMWare VMWare 5.5.3
    cpe:2.3:a:vmware:workstation:5.5.3
  • VMWare VMWare Workstation 5.5.3 build 34685
    cpe:2.3:a:vmware:workstation:5.5.3_build_34685
  • VMWare VMWare Workstation 5.5.3 build 42958
    cpe:2.3:a:vmware:workstation:5.5.3_build_42958
  • VMWare VMWare 5.5.4
    cpe:2.3:a:vmware:workstation:5.5.4
  • VMWare VMWare Workstation 5.5.4 build 44386
    cpe:2.3:a:vmware:workstation:5.5.4_build_44386
  • VMWare VMWare 5.5.5
    cpe:2.3:a:vmware:workstation:5.5.5
  • VMWare VMWare Workstation 5.5.5.56455
    cpe:2.3:a:vmware:workstation:5.5.5_build_56455
  • VMWare VMWare 5.5.6
    cpe:2.3:a:vmware:workstation:5.5.6
  • VMWare VMWare 5.5.7
    cpe:2.3:a:vmware:workstation:5.5.7
  • VMWare VMWare 5.5.9
    cpe:2.3:a:vmware:workstation:5.5.8
  • VMWare VMWare 6.0
    cpe:2.3:a:vmware:workstation:6.0
  • VMWare Workstation 6.0.1
    cpe:2.3:a:vmware:workstation:6.0.1
  • VMWare VMWare Workstation 6.0.1.55017
    cpe:2.3:a:vmware:workstation:6.0.1_build_55017
  • VMWare Workstation 6.0.2
    cpe:2.3:a:vmware:workstation:6.0.2
  • VMWare Workstation 6.0.3
    cpe:2.3:a:vmware:workstation:6.0.3
  • VMWare Workstation 6.0.4
    cpe:2.3:a:vmware:workstation:6.0.4
  • VMWare Workstation 6.0.5
    cpe:2.3:a:vmware:workstation:6.0.5
CVSS
Base: 7.2 (as of 09-12-2008 - 11:34)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201209-25.NASL
    description The remote host is affected by the vulnerability described in GLSA-201209-25 (VMware Player, Server, Workstation: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in VMware Player, Server, and Workstation. Please review the CVE identifiers referenced below for details. Impact : Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information. A remote attacker could entice a user to open a specially crafted file, possibly resulting in the remote execution of arbitrary code, or a Denial of Service. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console. Furthermore, guest OS users may be able to execute arbitrary code on the host OS, gain escalated privileges on the guest OS, or cause a Denial of Service (crash the host OS). Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2019-02-07
    plugin id 62383
    published 2012-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62383
    title GLSA-201209-25 : VMware Player, Server, Workstation: Multiple vulnerabilities
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2008-0019.NASL
    description a. Critical Memory corruption vulnerability A memory corruption condition may occur in the virtual machine hardware. A malicious request sent from the guest operating system to the virtual hardware may cause the virtual hardware to write to uncontrolled physical memory. VMware would like to thank Andrew Honig of the Department of Defense for reporting this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-4917 to this issue. b. Updated Service Console package bzip2 bzip2 versions before 1.0.5 can crash if certain flaws in compressed data lead to reading beyond the end of a buffer. This might cause an application linked to the libbz2 library to crash when decompressing malformed archives. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-1372 to this issue.
    last seen 2019-02-21
    modified 2018-08-06
    plugin id 40386
    published 2009-07-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40386
    title VMSA-2008-0019 : VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
  • NASL family Windows
    NASL id VMWARE_MULTIPLE_VMSA_2008_0018.NASL
    description A VMware product installed on the remote host is affected by multiple vulnerabilities : - A CPU hardware emulation flaw in certain VMware products could allow a virtual CPU to incorrectly handle a Trap flag. Successful exploitation of this issue could lead to privilege escalation on the guest operating system. An attacker would need an account on the guest operating system and the ability to run applications to exploit this issue. (CVE-2008-4915) - By sending a malicious request from the guest operating system to the virtual hardware, it may be possible to cause the virtual hardware to write to an uncontrolled section in the physical memory. (CVE-2008-4917)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 34818
    published 2008-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34818
    title VMware Products Multiple Vulnerabilities (VMSA-2008-0018/VMSA-2008-0019)
oval via4
accepted 2010-05-17T04:00:12.756-04:00
class vulnerability
contributors
  • name Michael Wood
    organization Hewlett-Packard
  • name Michael Wood
    organization Hewlett-Packard
  • name J. Daniel Brown
    organization DTCC
definition_extensions
  • comment VMWare ESX Server 3.0.3 is installed
    oval oval:org.mitre.oval:def:6026
  • comment VMWare ESX Server 3.0.2 is installed
    oval oval:org.mitre.oval:def:5613
  • comment VMware ESX Server 3.5.0 is installed
    oval oval:org.mitre.oval:def:5887
description Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.
family unix
id oval:org.mitre.oval:def:6246
status accepted
submitted 2009-09-23T15:39:02.000-04:00
title VMware ESX Virtual Hardware Memory Access Bug Lets Local Users Gain Elevated Privileges
version 6
refmap via4
bid 32597
bugtraq
  • 20081203 Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
  • 20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
confirm
gentoo GLSA-201209-25
sectrack
  • 1021300
  • 1021301
secunia 32965
Last major update 14-05-2013 - 22:47
Published 08-12-2008 - 19:30
Last modified 02-11-2018 - 09:44
Back to Top