CVE-2008-0967
Severity Score
6.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x anterior a 5.5.7 build 91707 y versión 6.x anterior a 6.0.4 build 93057, VMware Player versión 1.x anterior a 1.0.7 build 91707 y versión 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versión 3.5 y VMware ESX versión 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opción de path library en un archivo de configuración.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-25 CVE Reserved
- 2008-06-05 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 | Third Party Advisory | |
| http://securityreason.com/securityalert/3922 | Third Party Advisory | |
| http://securitytracker.com/id?1020198 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/493080/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/29557 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42878 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/30556 | 2018-10-30 | |
| http://security.gentoo.org/glsa/glsa-201209-25.xml | 2018-10-30 | |
| http://www.vmware.com/security/advisories/VMSA-2008-0009.html | 2018-10-30 | |
| http://www.vupen.com/english/advisories/2008/1744 | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Esx Server Search vendor "Vmware" for product "Esx Server" | 2.5.5 Search vendor "Vmware" for product "Esx Server" and version "2.5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Server Search vendor "Vmware" for product "Esx Server" | 3.1 Search vendor "Vmware" for product "Esx Server" and version "3.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Server Search vendor "Vmware" for product "Esx Server" | 3.2 Search vendor "Vmware" for product "Esx Server" and version "3.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Server Search vendor "Vmware" for product "Esx Server" | 3.3 Search vendor "Vmware" for product "Esx Server" and version "3.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Server Search vendor "Vmware" for product "Esx Server" | 3.5 Search vendor "Vmware" for product "Esx Server" and version "3.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esxi Search vendor "Vmware" for product "Esxi" | 3.5 Search vendor "Vmware" for product "Esxi" and version "3.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.0 Search vendor "Vmware" for product "Player" and version "1.0.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.1 Search vendor "Vmware" for product "Player" and version "1.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.2 Search vendor "Vmware" for product "Player" and version "1.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.3 Search vendor "Vmware" for product "Player" and version "1.0.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.4 Search vendor "Vmware" for product "Player" and version "1.0.4" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.5 Search vendor "Vmware" for product "Player" and version "1.0.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 1.0.6 Search vendor "Vmware" for product "Player" and version "1.0.6" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 2.0 Search vendor "Vmware" for product "Player" and version "2.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 2.0.1 Search vendor "Vmware" for product "Player" and version "2.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 2.0.2 Search vendor "Vmware" for product "Player" and version "2.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Player Search vendor "Vmware" for product "Player" | 2.0.3 Search vendor "Vmware" for product "Player" and version "2.0.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Server Search vendor "Vmware" for product "Server" | 1.0.3 Search vendor "Vmware" for product "Server" and version "1.0.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Server Search vendor "Vmware" for product "Vmware Server" | 1.0.0 Search vendor "Vmware" for product "Vmware Server" and version "1.0.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Server Search vendor "Vmware" for product "Vmware Server" | 1.0.1 Search vendor "Vmware" for product "Vmware Server" and version "1.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Server Search vendor "Vmware" for product "Vmware Server" | 1.0.2 Search vendor "Vmware" for product "Vmware Server" and version "1.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Server Search vendor "Vmware" for product "Vmware Server" | 1.0.4 Search vendor "Vmware" for product "Vmware Server" and version "1.0.4" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Server Search vendor "Vmware" for product "Vmware Server" | 1.0.5 Search vendor "Vmware" for product "Vmware Server" and version "1.0.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 5.5.0 Search vendor "Vmware" for product "Vmware Workstation" and version "5.5.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 5.5.2 Search vendor "Vmware" for product "Vmware Workstation" and version "5.5.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 5.5.5 Search vendor "Vmware" for product "Vmware Workstation" and version "5.5.5" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 5.5.6 Search vendor "Vmware" for product "Vmware Workstation" and version "5.5.6" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 6.0.1 Search vendor "Vmware" for product "Vmware Workstation" and version "6.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 6.0.2 Search vendor "Vmware" for product "Vmware Workstation" and version "6.0.2" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Vmware Workstation Search vendor "Vmware" for product "Vmware Workstation" | 6.0.3 Search vendor "Vmware" for product "Vmware Workstation" and version "6.0.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 5.5.1 Search vendor "Vmware" for product "Workstation" and version "5.5.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 5.5.3 Search vendor "Vmware" for product "Workstation" and version "5.5.3" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 5.5.4 Search vendor "Vmware" for product "Workstation" and version "5.5.4" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Workstation Search vendor "Vmware" for product "Workstation" | 6.0 Search vendor "Vmware" for product "Workstation" and version "6.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 3.0.0 Search vendor "Vmware" for product "Esx" and version "3.0.0" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 3.0.1 Search vendor "Vmware" for product "Esx" and version "3.0.1" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Esx Search vendor "Vmware" for product "Esx" | 3.0.2 Search vendor "Vmware" for product "Esx" and version "3.0.2" | - |
Affected
| ||||||