CVE-2008-0923: Path Traversal
First published: Tue Feb 26 2008(Updated: )
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vmware Vmware Player | =1.0.3 | |
| VMware ACE | =1.0 | |
| Vmware Vmware Player | =1.0.2 | |
| VMware ACE | =2.0.2 | |
| VMware ACE | =2.0 | |
| VMware ACE | =2.0.1 | |
| VMware ACE | =1.0.2 | |
| VMware Workstation | =6.0 | |
| VMware Workstation | =5.5.3_build_34685 | |
| Vmware Vmware Player | =1.0.1_build_19317 | |
| VMware Player | =1.0.4 | |
| VMware VMware Workstation | =6.0.2 | |
| VMware VMware Workstation | =6.0.1 | |
| VMware Workstation | =5.5.4 | |
| VMware Workstation | =4.5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://secunia.com/advisories/29117
- http://securityreason.com/securityalert/3700
- http://www.coresecurity.com/?action=item&id=2129
- http://www.securityfocus.com/archive/1/488725/100/0/threaded
- http://www.securityfocus.com/archive/1/489739/100/0/threaded
- http://www.securityfocus.com/bid/27944
- http://www.securityfocus.com/bid/28276
- http://www.securitytracker.com/id?1019493
- http://www.vmware.com/security/advisories/VMSA-2008-0005.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.vupen.com/english/advisories/2008/0679
- http://www.vupen.com/english/advisories/2008/0905/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40837
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/event
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware vmware player
- version/vmware vmware player/1.0.3
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware vmware player/1.0.2
- version/vmware ace/2.0.2
- version/vmware ace/2.0
- version/vmware ace/2.0.1
- version/vmware ace/1.0.2
- canonical/vmware workstation
- version/vmware workstation/6.0
- version/vmware workstation/5.5.3_build_34685
- version/vmware vmware player/1.0.1_build_19317
- canonical/vmware player
- version/vmware player/1.0.4
- canonical/vmware vmware workstation
- version/vmware vmware workstation/6.0.2
- version/vmware vmware workstation/6.0.1
- version/vmware workstation/5.5.4
- version/vmware workstation/4.5.2