CVE-2008-0967

VMware <5.5.7-6.0.4 - Privilege Escalation

Title source: llm

Description

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.

References (12)

Core 12

Core References

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201209-25.xml

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/1744

Vendor Advisory x_refsource_confirm

http://www.vmware.com/security/advisories/VMSA-2008-0009.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/29557

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/30556

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/493080/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1020198

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/42878

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/3922

Third Party Advisory third-party-advisory x_refsource_idefense

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713

Scores

EPSS 0.0007

EPSS Percentile 21.8%

Details

Status published

Products (37)

vmware/esx 3.0.0

vmware/esx 3.0.1

vmware/esx 3.0.2

vmware/esx_server 2.5.5

vmware/esx_server 3.1

vmware/esx_server 3.2

vmware/esx_server 3.3

vmware/esx_server 3.5

vmware/esxi 3.5

vmware/player 1.0.0

... and 27 more

Published Jun 05, 2008

Tracked Since Feb 18, 2026