Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-106


VMware vCenter Server and Tools Multiple Bugs
Severity Rating: Medium
Systems Affected:
  • vCenter Server 6.5 running on VA; VMware Tools 9.x, 10.0.x
Description
Several vulnerabilities have been identified in VMware vCenter Server and Tools. They can be exploited by remote attackers to gain elevated privileges on the guest and host systems and to obtain passwords and other potentially sensitive information on the target system. The vulnerabilities are as follows:
 
  • A local user on the host system can exploit insecure library loading through the LD_LIBRARY_PATH variable, causing the target user to load an arbitrary shared library, and so obtain elevated privileges on the host system.
  • The service startup script stores critical information in temporary files inside world-writable directories. A local user on the host system can access this information when the service is restarted.
  • A local user can exploit a flaw in the vCenter Server Appliance file-based backup feature to obtain plaintext credentials.
  • A local user on the guest system can exploit several race conditions in VMware Tools libDeployPkg, which arise from its use of hard-coded paths in the /tmp directory, to gain elevated privileges on the guest system.
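
The temporary-file weakness class named in the second and fourth items above (fixed paths in world-writable directories), shown beside its hardened form. This is an added example, not part of the advisory and not VMware code; the file name state.tmp, the /tmp/advisory-demo- prefix and every function name are hypothetical, and it assumes a POSIX system with a writable /tmp.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* BEFORE: fixed, predictable name. open() follows a symlink that another
 * local user created first, so the write lands wherever the link points. */
static int open_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
}

/* AFTER (file): create-only, never through a symlink, owner-only mode.
 * Fails with EEXIST if anything already exists under that name. */
static int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* AFTER (directory): mkdtemp() picks an unpredictable name and creates the
 * directory with mode 0700; verify owner and mode before trusting it. */
static int make_private_dir(char *tmpl) {
    struct stat st;
    if (mkdtemp(tmpl) == NULL || lstat(tmpl, &st) != 0) return -1;
    return (S_ISDIR(st.st_mode) && (st.st_mode & 077) == 0 &&
            st.st_uid == geteuid()) ? 0 : -1;
}

/* Constructed scenario: "state.tmp" already exists as a symlink when the
 * service opens it. Returns 1 if the opener was redirected to the link
 * target, 0 if it refused, -1 on setup error. */
static int redirected_by_planted_link(int (*opener)(const char *)) {
    char dir[] = "/tmp/advisory-demo-XXXXXX", victim[64], link_path[64];
    struct stat st;
    if (make_private_dir(dir) != 0) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link_path, sizeof link_path, "%s/state.tmp", dir);
    if (symlink(victim, link_path) != 0) { rmdir(dir); return -1; }
    int fd = opener(link_path);
    if (fd >= 0) close(fd);
    int hit = (stat(victim, &st) == 0);   /* was the link target created? */
    unlink(victim); unlink(link_path); rmdir(dir);
    return hit;
}

int main(void) {
    printf("predictable open redirected: %d\n", redirected_by_planted_link(open_predictable));
    printf("exclusive open redirected:   %d\n", redirected_by_planted_link(open_exclusive));
    return 0;
}
```

The same two rules apply to a shell startup script: create the working directory with mktemp -d under umask 077 rather than writing to a fixed name in a shared directory.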
 
Solution
Users are advised to apply updates.
More information about the update is available on:
 
CVE Information
 
Vendor Information
VMware
 
References
Security Tracker
 
VMware
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis