Vulnerability Name:

CVE-2011-1126 (CCN-66472)

Assigned:2011-03-29
Published:2011-03-29
Updated:2018-10-09
Summary:VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
CVSS v3 Severity:8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2011-1126

Source: MLIST
Type: Vendor Advisory
[security-announce] 20110330 UPDATED VMSA-2011-0006.1 VMware vmrun utility local privilege escalation

Source: CCN
Type: SA43885
VMware Workstation vmrun Privilege Escalation Security Issue

Source: SECUNIA
Type: Vendor Advisory
43885

Source: CCN
Type: SA43943
VMware VIX API vmrun Privilege Escalation Security Issue

Source: SECUNIA
Type: Vendor Advisory
43943

Source: SREASON
Type: UNKNOWN
8173

Source: SECTRACK
Type: UNKNOWN
1025270

Source: CCN
Type: OSVDB ID: 71783
VMware Workstation vmrun Unspecified Shared Library Local Privilege Escalation

Source: BUGTRAQ
Type: UNKNOWN
20110330 VMSA-2011-0006 VMware vmrun utility local privilege escalation

Source: BID
Type: UNKNOWN
47094

Source: CCN
Type: BID-47094
VMware 'vmrun' on Linux Local Privilege Escalation Vulnerability

Source: CCN
Type: BID-48058
Red Hat Xen Hypervisor Implementation Local Guest Denial Of Service Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2011-0006.html

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0816

Source: XF
Type: UNKNOWN
vmware-vmrun-privilege-escalation(66472)

Source: XF
Type: UNKNOWN
vmware-vmrun-privilege-escalation(66472)

Source: CCN
Type: VMSA-2011-0006
VMware vmrun utility local privilege escalation

Vulnerable Configuration:Configuration 1:
  • cpe:/a:vmware:vix_api:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.7:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:vix_api:1.9:*:*:*:*:*:*:*
  • AND
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:vmware:workstation:6.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.1.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:vmware:workstation:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:vmware:workstation:7.1.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    vmware vix api 1.0
    vmware vix api 1.1
    vmware vix api 1.1.1
    vmware vix api 1.1.2
    vmware vix api 1.1.3
    vmware vix api 1.1.4
    vmware vix api 1.1.5
    vmware vix api 1.6.0
    vmware vix api 1.6.1
    vmware vix api 1.7
    vmware vix api 1.8
    vmware vix api 1.8.1
    vmware vix api 1.9
    linux linux kernel *
    vmware workstation 6.5.0
    vmware workstation 6.5.1
    vmware workstation 6.5.2
    vmware workstation 6.5.3
    vmware workstation 6.5.4
    vmware workstation 6.5.5
    vmware workstation 7.0
    vmware workstation 7.0.1
    vmware workstation 7.1
    vmware workstation 7.1.1
    vmware workstation 7.1.2
    vmware workstation 7.1.3
    linux linux kernel *
    vmware workstation 6.5.5
    vmware workstation 7.1.3