CVE-2008-1361
First published: Thu Mar 20 2008(Updated: )
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation that causes the authd process to connect to an arbitrary named pipe, a different vulnerability than CVE-2008-1362.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware ACE | =1.0 | |
| VMware ACE | =1.0.1 | |
| VMware Server | =1.0.1 | |
| VMware Player | =2.0.1 | |
| VMware Player | =2.0.2 | |
| VMware Player | =1.0.2 | |
| VMware Server | =1.0.3 | |
| VMware ACE | =2.0 | |
| VMware Workstation | =5.5.4_build_44386 | |
| VMware ACE | =1.0.2 | |
| VMware Workstation | =6.0 | |
| VMware Workstation | =5.5.3_build_34685 | |
| VMware VMware Workstation | =5.5.5 | |
| VMware Player | =1.0.3 | |
| VMware Workstation | =5.5.3_build_42958 | |
| VMware Workstation | =5.5 | |
| VMware Server | =1.0.4 | |
| VMware Player | =1.0.4 | |
| VMware VMware Workstation | =6.0.2 | |
| VMware Player | =1.0.5 | |
| VMware Server | =1.0.0 | |
| VMware ACE | =1.0.4 | |
| VMware ACE | =1.0.3 | |
| VMware Server | =1.0.3 | |
| VMware Server | =1.0.2 | |
| VMware Player | =2.0 | |
| VMware VMware Workstation | =6.0.1 | |
| VMware Workstation | =5.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://www.vmware.com/security/advisories/VMSA-2008-0005.html
- http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- http://www.securityfocus.com/bid/28276
- http://securitytracker.com/id?1019621
- http://securityreason.com/securityalert/3755
- http://www.vupen.com/english/advisories/2008/0905/references
- http://security.gentoo.org/glsa/glsa-201209-25.xml
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41257
- http://www.securityfocus.com/archive/1/489739/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2008-1361?
CVE-2008-1361 is classified as a local privilege escalation vulnerability.
How do I fix CVE-2008-1361?
To fix CVE-2008-1361, upgrade affected VMware software to the latest version specified in the vendor's security announcement.
Which VMware products are affected by CVE-2008-1361?
CVE-2008-1361 affects VMware Workstation, Player, ACE, and Server versions prior to their respective patched releases.
Can CVE-2008-1361 be exploited remotely?
No, CVE-2008-1361 can only be exploited by local users with access to the system.
What are the potential consequences of exploiting CVE-2008-1361?
Exploiting CVE-2008-1361 could allow an attacker to gain elevated privileges on the affected system.
- agent/type
- agent/remedy
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/vmware
- canonical/vmware ace
- version/vmware ace/1.0
- version/vmware ace/1.0.1
- canonical/vmware server
- version/vmware server/1.0.1
- canonical/vmware player
- version/vmware player/2.0.1
- version/vmware player/2.0.2
- version/vmware player/1.0.2
- version/vmware server/1.0.3
- version/vmware ace/2.0
- canonical/vmware workstation
- version/vmware workstation/5.5.4_build_44386
- version/vmware ace/1.0.2
- version/vmware workstation/6.0
- version/vmware workstation/5.5.3_build_34685
- canonical/vmware vmware workstation
- version/vmware vmware workstation/5.5.5
- version/vmware player/1.0.3
- version/vmware workstation/5.5.3_build_42958
- version/vmware workstation/5.5
- version/vmware server/1.0.4
- version/vmware player/1.0.4
- version/vmware vmware workstation/6.0.2
- version/vmware player/1.0.5
- version/vmware server/1.0.0
- version/vmware ace/1.0.4
- version/vmware ace/1.0.3
- version/vmware server/1.0.2
- version/vmware player/2.0
- version/vmware vmware workstation/6.0.1
- version/vmware workstation/5.5.4