Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Are your emails being backed up? Find out more about Altaro Office 365 Backup here.
VMware Security Advisory: VMware vmrun utility local privilege escalation

VMware issued a warning for a security vulnerability (CVE-2011-1126) in several of its products that run on Linux.  According to the warning, the VMware vmrun utility, which is used to perform various tasks on virtual machines including automated guest operations and is installed by default, is susceptible to a local privilege escalation issue in non-standard configurations.  This is caused when the utility incorrectly loads libraries from certain directories.  This could, for example, be exploited by a malicious local user to gain escalated privileges and make unauthorized changes.

VMware Workstation version 7.1.3 and 6.5.5 (and earlier) on Linux, as well as VMware VIX API for Linux 1.10.2 and earlier, are all said to be affected.  Windows versions of the products are unaffected.

To correct the issue, the company has issued a patch for its VMware Workstation, however, VMware VIX API remains unpatched. Further details of the affected versions can be found in the security advisory.

Published Wednesday, March 30, 2011 6:40 PM by David Marshall
Filed under: ,
Get This Featured White Paper: IGEL Software Platform Step by Step Getting Started Guide
You may also be interested in this white paper: The Expert Guide to VMware Data Protection
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
DCDAustralia
DCDSingapore
DataCloud Ireland
DataCloud Africa
tech-leaders-2019
Edge Congress Austin
KubeCon 2019 San Diego
Noord-leaders
TelecomsWorld Middle East
DTX Europe
Noord-DataAnalytics
Noord-Infosec
Data Cloud Nordic
vExpert
top25
Calendar
<March 2011>
SuMoTuWeThFrSa
272812345
6789101112
13141516171819
20212223242526
272829303112
3456789