ID de Prueba:	1.3.6.1.4.1.25623.1.0.801322
Categoría:	Privilege escalation
Título:	VMware Products USB Service Local Privilege Escalation Vulnerability (CVE-2010-1140) - Windows
Resumen:	VMware products are prone to a local privilege escalation vulnerability.
Descripción:	Summary: VMware products are prone to a local privilege escalation vulnerability. Vulnerability Insight: The flaw is due to error in 'USB' service which allows host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS disk. Vulnerability Impact: Successful exploitation will allow attacker to modify arbitrary memory locations in guest kernel memory and gain privileges. Affected Software/OS: VMware Player 3.0 before 3.0.1 build 227600, VMware Workstation 7.0 before 7.0.1 build 227600 on Windows. Solution: Update to: - VMware Player 3.0.1 build 227600 - VMware Workstation 7.0.1 build 227600 CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1140 BugTraq ID: 39397 http://www.securityfocus.com/bid/39397 Bugtraq: 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues (Google Search) http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://lists.vmware.com/pipermail/security-announce/2010/000090.html http://securitytracker.com/id?1023834 http://secunia.com/advisories/39206
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.