Reference: CERT-EU Security Advisory 2012-0054

Title: Privilege escalation vulnerability in VMware products [1]

Version history:
13.04.2012 Initial publication

Summary
=======

VMware has released a patch to fix a privilege escalation issue in the hosted products and ESXi/ESX. The vulnerability may lead to unauthorised access in the targeted Virtual Machines (guest) or cause a denial of service.

CVE-2012-1518

CVSS v2 Base Score: 6.8 (MEDIUM) (AV:L/AC:L/Au:SI/C:C/I:C/A:C) [3]

Vulnerable systems
==================

Workstation 8.0.1 and earlier
Player 4.0.1 and earlier
Fusion 4.1.1 and earlier
ESXi 5.0 without patch ESXi500-201203102-SG
ESXi 4.1 without patch ESXi410-201201402-BG
ESXi 4.0 without patch ESXi400-201203402-BG
ESXi 3.5 without patch ESXe350-201203402-T-BG
ESX 4.1 without patch ESX410-201201401-SG
ESX 4.0 without patch ESX400-201203401-SG
ESX 3.5 without patch ESX350-201203402-BG

Original Details
================

VMware Tools Incorrect Folder Permissions Privilege Escalation

The access control list of the VMware Tools folder is incorrectly set. Exploitation of this issue may lead to local privilege escalation on Windows-based Guest Operating Systems.

What can you do?
================

A fix is available [1].

After the update or patch is applied, VMware Guest Tools must be updated in any pre-existing Windows-based Guest Operating System.

Windows-based Virtual Machines that have moved to Workstation 8, Player 4 or Fusion 4 from a lower version of Workstation, Player or Fusion are affected.

What to tell your users?
========================

N/A

More information
================

[1] http://www.vmware.com/security/advisories/VMSA-2012-0007.html
[2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1518
[3] Information about CVSS: http://www.first.org/cvss/cvss-guide.html

Best regards,
CERT-EU

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383

(DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its setup phase, until May 2012. Services are provided in a pilot fashion, and are not yet fully functional. Announcements, alerts and warnings are sent out in a best-effort manner, and to contact information currently known to us. We apologise if you are not the correct recipient, or if you had already been warned about this issue from another source. Format, content and way of alerting are subject to change in the future. Contact information or even the team name may change as well.)
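
The Original Details section attributes the issue to an incorrectly set access control list on the VMware Tools folder of Windows guests. The PowerShell script below is an added example (not from the advisory or from VMware) that lists write-capable ACEs granted to broad, non-administrative groups on a folder and everything beneath it. The folder path is a parameter because the advisory does not state it, and the set of groups and rights treated as risky is this example's assumption, not the advisory's definition of the flaw.

```powershell
# Added example, not VMware or CERT-EU code.
param(
    [Parameter(Mandatory = $true)]
    [string]$ToolsFolder   # assumption: path of the VMware Tools folder on this guest
)

# Well-known SIDs of broad, non-administrative groups (locale-independent).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Specific rights that allow creating, replacing or deleting content,
# or rewriting the ACL itself. Read and execute bits are deliberately excluded.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Generic rights can appear unmapped in an ACE: GENERIC_WRITE | GENERIC_ALL.
$genericMask = 0x40000000 -bor 0x10000000

function Get-BroadWriteAce {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    $sidType = [System.Security.Principal.SecurityIdentifier]
    # Explicit and inherited rules, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference.Value
        if (-not $broadSids.ContainsKey($sid)) { continue }
        $rights = [int]$ace.FileSystemRights
        if (($rights -band $writeMask) -or ($rights -band $genericMask)) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $broadSids[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Check the folder itself and everything beneath it.
$children = Get-ChildItem -LiteralPath $ToolsFolder -Recurse -Force -ErrorAction SilentlyContinue
$targets  = @($ToolsFolder) + @($children | ForEach-Object { $_.FullName })
$findings = $targets | ForEach-Object { Get-BroadWriteAce -Path $_ }
if ($findings) { $findings | Format-Table -AutoSize }
else { "No broad write-capable ACEs found under $ToolsFolder" }
```

Running it in a guest before and after the VMware Tools update shows whether the folder's permissions actually changed, which matters for guests that were moved from an older Workstation, Player or Fusion release.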