CVE-2008-3761

VMware Workstation 6.5.1 - Denial of Service via IOCTL Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3761. PoCs published by g_.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in VMWare Workstation's hcmon.sys driver by sending a malformed IOCTL request (0x8101232B) to the \\.\hcmon device, causing a bugcheck due to unsanitized pointer dereferencing.

Description

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by g_ · textdoswindows

https://www.exploit-db.com/exploits/6262

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service (DoS) vulnerability in VMWare Workstation's hcmon.sys driver by sending a malformed IOCTL request (0x8101232B) to the \\.\hcmon device, causing a bugcheck due to unsanitized pointer dereferencing.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: VMWare Workstation (hcmon.sys 6.0.0.45731)

No auth needed

Prerequisites: Access to the target system to send IOCTL requests to the hcmon device

MITRE ATT&CK