Vendor Status Note JVNCIAC-S-011

VMware 製品に複数の脆弱性

概要

VMware 製品には、複数の脆弱性があります。

影響を受けるシステム
 - VMware Workstation 5.5.5 より前のバージョン
 - VMware Workstation 6.0.0
 - VMware Player 1.0.5 より前のバージョン
 - VMware Player 2.0.0
 - VMware ACE 1.0.4 より前のバージョン
 - VMware ACE 2.0.0
 - VMware Server 1.0.4 より前のバージョン
 - upgrade patch 8 より前の VMware ESX 2.0.2 (Build# 52650)
 - upgrade patch 8 より前の VMware ESX 2.1.3 (Build# 53228)
 - upgrade patch 13 より前の VMware ESX 2.5.3 (Build# 52488)
 - upgrade patch 10 より前の VMware ESX 2.5.4 (Build# 53326)
 - ESX-4809553、ESX-1001204、ESX-1001206、ESX-1001212、ESX-1001205、ESX-1001207、ESX-1001208、ESX-1001209、ESX-1001210、ESX-1001211 の各パッチ未適用の VMware ESX 3.0.0
 - ESX-8258730、ESX-1001213、ESX-1001691、ESX-1001723、ESX-1001214、ESX-1001692、ESX-1001693、ESX-1001694、ESX-8253547、ESX-8567382 の各パッチ未適用の VMware ESX 3.0.1
 - ESX-1001725、ESX-1001731、ESX-1001726、ESX-1001727、ESX-1001728、ESX-1001729、ESX-1001730 の各パッチ未適用の VMware ESX 3.0.2

想定される影響

遠隔の第三者が任意のコードを実行するなどの可能性があります。

ベンダ情報

ベンダリンク更新日
VMwareVMware Security Advisory VMSA-2007-0006
Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player
参考情報

  1. ISS X-Force Database: kde-dcopserver-symlink(16962)
    KDE DCOPserver symlink attack
  2. ISS X-Force Database: kde-application-symlink(16963)
    KDE application symlink
  3. ISS X-Force Database: linux-sgio-gain-privileges(17505)
    Linux kernel SG_IO ide-cd allows elevated privileges
  4. ISS X-Force Database: dlink-dsl-authentication-bypass(20660)
    D-Link DSL routers authentication bypass
  5. ISS X-Force Database: vbook-index-sql-injection(25519)
    VBook index.php SQL injection
  6. ISS X-Force Database: vbook-index-xss(25521)
    VBook index.php cross-site scripting
  7. ISS X-Force Database: vbook-config-file-include(25522)
    VBook config.php file include
  8. ISS X-Force Database: shadow-utils-useradd-file-permission(26958)
    Shadow-utils useradd insecure file permission
  9. ISS X-Force Database: gnugcc-fastjar-directory-traversal(27806)
    GNU GCC fastjar .jar directory traversal
  10. ISS X-Force Database: fastjar-jar-directory-traversal(27850)
    FastJar .jar archive directory traversal
  11. ISS X-Force Database: openssl-rsa-security-bypass(28755)
    OpenSSL RSA exponent 3 security bypass
  12. ISS X-Force Database: openldap-selfwrite-security-bypass(28772)
    OpenLDAP selfwrite ACL security bypass
  13. ISS X-Force Database: gdb-dwarf-bo(28773)
    GNU Project Debugger (GDB) DWARF buffer overflow
  14. ISS X-Force Database: rssonate-project-file-include(29703)
    RSSonate PROJECT_ROOT file include
  15. ISS X-Force Database: activenews-multiple-sql-injection(30352)
    Active News Manager multiple scripts SQL injection
  16. ISS X-Force Database: sun-java-image-integer-overflow(30983)
    Sun JRE multiple image handling functions integer overflow
  17. ISS X-Force Database: sun-java-image-array-bo(30985)
    Sun JRE applet array buffer overflow
  18. ISS X-Force Database: sun-java-sunlayoutengine-command-execution(30989)
    Sun JRE Java_sun_font_SunLayoutEngine_nativeLayout() command execution
  19. ISS X-Force Database: sun-java-applet-security-bypass(31003)
    Sun JRE multiple unspecified applet security bypass
  20. ISS X-Force Database: sun-java-serialization-code-execution(31009)
    Sun JRE JDK applet serialization code execution
  21. ISS X-Force Database: wordpress-account-enumeration(31262)
    WordPress account enumeration
  22. ISS X-Force Database: wordpress-mbstring-security-bypass(31297)
    WordPress mbstring extension security bypass
  23. ISS X-Force Database: wordpress-csrf-protection-xss(31440)
    Wordpress CSRF protection module cross-site scripting
  24. ISS X-Force Database: bind-rrsets-dos(31838)
    ISC BIND RRset denial of service
  25. ISS X-Force Database: smadb-settings-file-include(32190)
    SMA-DB settings.php file include
  26. ISS X-Force Database: samba-smbd-filerename-dos(32301)
    Samba smbd file rename denial of service
  27. ISS X-Force Database: dhcp-malformed-packet-bo(33101)
    Multiple VMware products DHCP server malformed packet code execution
  28. ISS X-Force Database: dhcp-param-overflow(33102)
    Multiple VMware products VMware DHCP server integer overflow
  29. ISS X-Force Database: dhcp-param-underflow(33103)
    Multiple VMware products DHCP server integer underflow
  30. ISS X-Force Database: flashplayer-unspecified-info-disclosure(33595)
    Adobe Macromedia Flash Player unspecified information disclosure
  31. ISS X-Force Database: kernel-pamconsole-privilege-escalation(33659)
    Linux kernel pam_console privilege escalation
  32. ISS X-Force Database: vixiecron-hardlinks-dos(34097)
    Vixie Cron hard links denial of service
  33. ISS X-Force Database: rim-toimport-activex-bo(34182)
    Research In Motion TOImport.dll ActiveX control buffer overflow
  34. ISS X-Force Database: samba-smbconf-command-execution(34307)
    Samba smb.conf shell command execution
  35. ISS X-Force Database: samba-lsaioprivilegeset-bo(34309)
    Samba lsa_io_privilege_set buffer overflow
  36. ISS X-Force Database: samba-netdfsiodfsenuminfod-bo(34311)
    Samba netdfs_io_dfs_EnumInfo_d buffer overflow
  37. ISS X-Force Database: samba-smbionotifyoptiontypedata-bo(34312)
    Samba smb_io_notify_option_type_data buffer overflow
  38. ISS X-Force Database: samba-secioacl-bo(34314)
    Samba sec_io_acl buffer overflow
  39. ISS X-Force Database: samba-lsaiotransnames-bo(34316)
    Samba lsa_io_trans_names buffer overflow
  40. ISS X-Force Database: simpnews-print-sql-injection(34356)
    SimpNews print.php SQL injection
  41. ISS X-Force Database: kerberos-renameprincipal2svc-bo(35080)
    MIT Kerberos rename_principal_2_svc buffer overflow
  42. ISS X-Force Database: kerberos-gssrpcsvcauthgssapi-code-execution(35082)
    MIT Kerberos administration daemon (kadmind) gssrpc__svcauth_gssapi() function code execution
  43. ISS X-Force Database: kerberos-gssrpcsvcauthunix-bo(35085)
    MIT Kerberos administration daemon (kadmind) gssrpc__svcauth_unix() function buffer overflow
  44. ISS X-Force Database: primergy-web-interface-info-disclosure(35264)
    Fujitsu PRIMERGY BX300 Web interface information disclosure
  45. ISS X-Force Database: asteridex-callboth-command-execution(35270)
    AsteriDex callboth.php command execution
  46. ISS X-Force Database: phpvid-categoriestype-sql-injection(35273)
    phpVID categories_type.php SQL injection
  47. ISS X-Force Database: vmware-createprocess-code-execution(35670)
    VMware Workstation CreateProcess and CreateProcessEx code execution
  48. ISS X-Force Database: vmware-intraprocesslogging-file-overwrite(35675)
    VMware IntraProcessLogging.dll file overwrite
  49. ISS X-Force Database: galleryinabox-index-sql-injection(35791)
    Gallery in a Box index.asp SQL injection
  50. ISS X-Force Database: vmware-host-code-execution(36725)
    Multiple VMware products host process code execution
  51. ISS X-Force Database: vmware-host-dos(36727)
    Multiple VMware products host process denial of service
  52. ISS X-Force Database: rhel-rhsa-gnugcc-fastjar-directory-traversal(37093)
    RHSA update for GNU GCC fastjar .jar directory traversal not installed
  53. ISS X-Force Database: rhel-rhsa-openldap-selfwrite-sec-bypass(37104)
    RHSA update for OpenLDAP selfwrite ACL security bypass not installed
  54. ISS X-Force Database: rhel-rhsa-gdb-dwarf-bo(37105)
    RHSA update for GNU Project Debugger (GDB) DWARF buffer overflow not installed
  55. ISS X-Force Database: rhel-rhsa-bind-rrsets-dos(37128)
    RHSA update for ISC BIND RRset denial of service not installed
  56. ISS X-Force Database: rhel-rhsa-flashplayer-unspec-info-disclosure(37161)
    RHSA update for Adobe Macromedia Flash Player unspecified information disclosure not installed
JPCERT 緊急報告
JPCERT REPORTJPCERT-WR-2007-4001 ( 2007-10-17 )
CIAC BulletinS-011 VMware Security Updates ( 2007-10-11 )
CVE2004-0813 [CVE+] XF16962,XF16963,XF20660,XF17505
2006-1174 [CVE+] XF25522,XF25519,XF25521,XF26958
2006-3619 [CVE+] XF27850,XF27806,XF37093
2006-4146 [CVE+] XF28773,XF29703,XF37105
2006-4600 [CVE+] XF28772,XF37104,XF30352,XF30352
2007-0061 [CVE+] XF33101,XF31440,XF31297,XF32301
2007-0062 [CVE+] XF33102,XF31262,XF30983,XF31009,XF31003,XF31003,XF30985,XF30989,XF28755,XF28755
2007-0063 [CVE+] XF33103
2007-0494 [CVE+] XF31838,XF37161,XF37128,XF32190,XF33595
2007-1716 [CVE+] XF33659,XF34182
2007-1856 [CVE+] XF34356,XF34097
2007-2442 [CVE+] XF35264,XF35082
2007-2443 [CVE+] XF35085
2007-2446 [CVE+] XF34309,XF34316,XF34314,XF34312,XF34311,XF35270
2007-2447 [CVE+] XF34307,XF35273
2007-2798 [CVE+] XF35791,XF35080
2007-4059 [CVE+] XF35675
2007-4155 [CVE+] XF35670
2007-4496 [CVE+] XF36725,XF36725
2007-4497 [CVE+] XF36727
PGP署名JVNCIAC-S-011.html.sig
登録日0:19 2007/10/16
更新日10:48 2007/11/11

Copyright(C) 2002-2009 Keio Univ. All rights reserved.