VMware产品 缺页中断异常本地特权提升漏洞

漏洞起因
设计错误
 
影响系统
VMWare Workstation 6.5.3
VMWare Workstation 6.5.2 build 156735
VMWare Workstation 6.5.2
VMWare Workstation 6.5.1
VMWare Workstation 6.5 build 118166
VMWare Server 2.0.1 build 156745
VMWare Server 2.0.1
VMWare Server 1.0.9 build 156507
VMWare Server 1.0.9
VMWare Server 1.0.8 build 126538
VMWare Server 1.0.8
VMWare Server 1.0.7 build 108231
VMWare Server 1.0.7
VMWare Server 1.0.6 build 91891
VMWare Server 1.0.6
VMWare Server 1.0.5 Build 80187
VMWare Server 1.0.5
VMWare Server 1.0.4
VMWare Server 1.0.3
VMWare Server 1.0.2
VMWare Server 2.0
VMWare Player 2.5.3
VMWare Player 2.5.2 build 156735
VMWare Player 2.5.2
VMWare Player 2.5.1
VMWare Player 2.5 build 118166
VMWare Fusion 2.0.6
VMWare Fusion 2.0.5
VMWare Fusion 2.0.4
VMWare Fusion 2.0.3
VMWare Fusion 2.0.2 build 147997
VMWare Fusion 2
VMWare ESXi Server 4.0
VMWare ESXi Server 3.5 ESXe350-20090440
VMWare ESXi Server 3.5
VMWare ESX Server 3.0.3 ESX303-200905401-SG
VMWare ESX Server 3.0.3 ESX303-200812406-BG
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.3
VMWare ESX Server 3.0.2 ESX-1008420
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0
VMWare ESX Server 2.5.5 patch 9
VMWare ESX Server 2.5.5 patch 8
VMWare ESX Server 2.5.5 patch 6
VMWare ESX Server 2.5.5 patch 4
VMWare ESX Server 2.5.5 patch 2
VMWare ESX Server 2.5.5 patch 13
VMWare ESX Server 2.5.5 patch 12
VMWare ESX Server 2.5.5 patch 11
VMWare ESX Server 2.5.5 patch 10
VMWare ESX Server 2.5.5
VMWare ESX Server 2.5.4 patch 21
VMWare ESX Server 2.5.4 patch 19
VMWare ESX Server 2.5.4 Patch 17
VMWare ESX Server 2.5.4 Patch 16
VMWare ESX Server 2.5.4 patch 15
VMWare ESX Server 2.5.4 patch 13
VMWare ESX Server 2.5.4 Patch 1
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.3 Patch 4
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.3
VMWare ESX Server 2.5.2
VMWare ESX Server 2.5
VMWare ESX Server 2.1.3 Patch 2
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.3
VMWare ESX Server 2.1.2
VMWare ESX Server 2.1.1
VMWare ESX Server 2.1
VMWare ESX Server 2.0.2 Patch 2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.2
VMWare ESX Server 2.0.1 build 6403
VMWare ESX Server 2.0.1
VMWare ESX Server 2.0 build 5257
VMWare ESX Server 2.0
VMWare ESX Server 4.0
VMWare ESX Server 4.0
VMWare ESX Server 3.5 ESX350-200906407
VMWare ESX Server 3.5 ESX350-200904401
VMWare ESX Server 3.5
VMWare ESX Server 2.5.5 patch 5
VMWare ESX Server 2.5.3 Patch 2
VMWare ESX Server 2.5.2 Patch 4
VMWare ESX Server 2.1.3 Patch 1
VMWare ESX Server 2.0.2 Patch 1
VMWare ACE 2.5.2 build 156735
VMWare ACE 2.5.2
VMWare ACE 2.5.1
VMWare ACE 2.5 build 118166
 
不受影响系统
VMWare Workstation 6.5.3 build 185404
VMWare Server 2.0.2 Build 203138
VMWare Server 1.0.10 Build 203137
VMWare Player 2.5.3 build 185404
VMWare Fusion 2.0.6 Build 196839
VMWare ESXi Server 4.0 ESXi400-20090940
VMWare ESXi Server 3.5 ESXe350-20091040
VMWare ESX Server 3.0.3 ESX303-200910401-BG
VMWare ESX Server 2.5.5 patch 15
VMWare ESX Server 4.0 ESX400-200909401
VMWare ESX Server 3.5 ESX350-200910401
VMWare ACE 2.5.3 Build 185404
 
危害
本地攻击者可以利用漏洞提升特权。
 
攻击所需条件
攻击者必须访问Vmware产品。
 
漏洞信息
Vmware产品对缺页中断上的异常代码设置不正确,允许攻击者利用漏洞在客户操作系统上提升特权,此漏洞不影响宿主系统。
目前没有详细漏洞细节提供。
 
测试方法
 
厂商解决方案
用户可联系供应商升级到如下版本:
VMWare ESXi Server 3.5
VMWare ESX350-200910401-SG (DHCP third party library, kernel)
http://download3.vmware.com/software/vi/ESX350-200910401-SG.zip
VMWare ESXe350-200910401-O-SG.zip
ESXi 3.5 patch ESXe350-200910401-I-SG (Privilege Escalation)
http://download3.vmware.com/software/vi/ESXe350-200910401-O-SG.zip
VMWare ESX Server 3.5
VMWare ESX350-200910401-SG.zip
ESX 3.5 patch ESX350-200910401-SG (Privilege Escalation)
http://download3.vmware.com/software/vi/ESX350-200910401-SG.zip
VMWare Server 1.0.9
VMWare VMware-mui-1.0.10-203137.tar.gz
Management Interface
http://download3.vmware.com/software/vmserver/VMware-mui-1.0.10-203137 .tar.gz
VMWare VMware-server-1.0.10-203137.i386.rpm
VMware Server for Linux rpm
http://download3.vmware.com/software/vmserver/VMware-server-1.0.10-203 137.i386.rpm
VMWare VMware-server-1.0.10-203137.tar.gz
VMware Server for Linux
http://download3.vmware.com/software/vmserver/VMware-server-1.0.10-203 137.tar.gz
VMWare VMware-server-installer-1.0.10-203137.exe
VMware Server for Windows 32-bit and 64-bit
http://download3.vmware.com/software/vmserver/VMware-server-installer– 1.0.10-203137.exe
VMWare VMware-server-linux-client-1.0.10-203137.zip
VMware Server Linux client package
http://download3.vmware.com/software/vmserver/VMware-server-linux-clie nt-1.0.10-203137.zip
VMWare VMware-server-win32-client-1.0.10-203137.zip
VMware Server Windows client package
http://download3.vmware.com/software/vmserver/VMware-server-win32-clie nt-1.0.10-203137.zip
VMWare Player 2.5.2
VMWare VMware-player-2.5.3-185404.exe
Player for Windows binary
http://download3.vmware.com/software/vmplayer/VMware-player-2.5.3-1854 04.exe
VMWare VMware-Player-2.5.3-185404.i386.bundle
Player for Linux (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-1854 04.i386.bundle
VMWare VMware-Player-2.5.3-185404.i386.rpm
Player for Linux (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-1854 04.i386.rpm
VMWare VMware-Player-2.5.3-185404.x86_64.bundle
Player for Linux – 64-bit (.bundle)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-1854 04.x86_64.bundle
VMWare VMware-Player-2.5.3-185404.x86_64.rpm
Player for Linux – 64-bit (.rpm)
http://download3.vmware.com/software/vmplayer/VMware-Player-2.5.3-1854 04.x86_64.rpm
 
漏洞提供者
Tavis Ormandy and Julien Tinnes of the Google Security Team

发表评论?

0 条评论。

发表评论