Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
VMware directory traversal and privilege escalation vulnerabilities - Vulnerability Database

VMware directory traversal and privilege escalation vulnerabilities

Description

Multiple VMware products contain two critical security vulnerabilities. The first vulnerability stems from improper exception code handling during page faults in guest operating systems, enabling authenticated users within a guest OS to escalate their privileges. The second vulnerability involves insufficient input validation that allows network-based attackers to perform directory traversal attacks, potentially accessing and downloading arbitrary files from the host system. These issues affect VMware Workstation (≤6.5.2), Player (≤2.5.2), ACE (≤2.5.2), Server (≤2.0.1 and ≤1.0.9), Fusion (≤2.0.5), ESXi (3.5, 4.0), and ESX (2.5.5, 3.0.3, 3.5, 4.0).

Remediation

Immediately apply the security patches provided in VMware Security Advisory VMSA-2009-0015 or upgrade to the following fixed versions:

  • VMware Workstation 6.5.3 or later
  • VMware Player 2.5.3 or later
  • VMware ACE 2.5.3 or later
  • VMware Server 2.0.2 or later
  • VMware Fusion 2.0.6 or later
  • VMware ESXi and ESX: Apply patches specified in VMSA-2009-0015

Implementation steps:
  1. Review the official VMware security advisory at https://www.vmware.com/security/advisories/VMSA-2009-0015.html
  2. Download the appropriate patches or updated versions for your VMware products
  3. Schedule maintenance windows for production systems to minimize disruption
  4. Create backups of virtual machines and configurations before applying updates
  5. Apply patches following VMware's installation procedures for your specific product
  6. Verify successful patch installation and test critical functionality
  7. As an additional security measure, restrict network access to VMware management interfaces using firewalls and implement network segmentation

References

CVE-2009-3733
VMware hosted products and ESX patches resolve two security issues

Related Vulnerabilities

VirtueMart access control bypass High
Common tags: Known Vulnerabilities Missing Update Privilege Escalation
Dolibarr Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-0819) High
Common tags: Known Vulnerabilities Missing Update
Apache HTTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-1927) Medium
Common tags: Known Vulnerabilities Missing Update
Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1691) Medium
Common tags: Known Vulnerabilities Missing Update
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1692) Medium
Common tags: Known Vulnerabilities Missing Update

Severity

High

Classification

CVE-2009-2267
CVE-2009-3733
CWE-22
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Directory Traversal
Known Vulnerabilities
Missing Update
Privilege Escalation