VMware虚拟磁盘加载服务Reconfig.DLL本地拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1188830 漏洞类型 输入验证
发布时间 2007-10-11 更新时间 2008-09-01
CVE编号 CVE-2007-5438 CNNVD-ID CNNVD-200710-231
漏洞平台 N/A CVSS评分 1.9
|漏洞来源
https://www.securityfocus.com/bid/26025
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200710-231
|漏洞详情
VMWare是一款虚拟PC软件,允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。VMWare所提供的Reconfig.DLL库(ConnectPopulatedDiskEx函数)中存在安全漏洞,本地攻击者可能利用此漏洞导致拒绝服务。如果用户受骗加载了恶意的磁盘镜像的话,就会导致VMWare的虚拟磁盘加载服务(vmount2.exe)拒绝服务。
|受影响的产品
VMWare Workstation 6.0.5 build 109488 VMWare Workstation 6.0.5 VMWare Workstation 6.0.1 VMWare Workstation 6.0 VMWare Workstation 5.5.8 build 108000 VMWare Workstation 5.5.
|参考资料

来源:www.vmware.com
链接:http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
来源:www.vmware.com
链接:http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
来源:www.vmware.com
链接:http://www.vmware.com/support/server/doc/releasenotes_server.html
来源:www.vmware.com
链接:http://www.vmware.com/support/player2/doc/releasenotes_player2.html
来源:www.vmware.com
链接:http://www.vmware.com/support/player/doc/releasenotes_player.html
来源:www.vmware.com
链接:http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
来源:www.vmware.com
链接:http://www.vmware.com/support/ace/doc/releasenotes_ace.html
来源:www.vmware.com
链接:http://www.vmware.com/security/advisories/VMSA-2008-0014.html
来源:SECTRACK
名称:1020791
链接:http://www.securitytracker.com/id?1020791
来源:BID
名称:26025
链接:http://www.securityfocus.com/bid/26025
来源:BUGTRAQ
名称:20080830VMSA-2008-0014UpdatestoVMwareWorkstation,VMwarePlayer,VMwareACE,VMwareServer,VMwareESXaddressinformationdisclosure,privilegeescalationandothersecurityissues.
链接:http://www.secur