VMware vCenter Server and Tools Multiple Bugs
Severity Rating: Medium
- vCenter Server 6.5 running on VA; VMware Tools 9.x, 10.0.x
Several vulnerabilities have been identified in VMware vCenter Server and Tools. They can be exploited by remote attackers to gain elevated privileges on the guest and host systems and to obtain passwords and other potentially sensitive information on the target system. The vulnerabilities are as follows:
A local user on the host system can exploit an insecure library loading flaw involving the LD_LIBRARY_PATH variable to cause the target user to load an arbitrary shared library and obtain elevated privileges on the host system.
The service startup script uses world-writable directories to store critical information in temporary files. A local user on the host system can access this critical information when the service is restarted.
A local user can exploit a flaw in the vCenter Server Appliance file-based backup feature to obtain plaintext credentials.
A local user on the guest system can exploit several race conditions in VMware Tools libDeployPkg, arising from its use of hard-coded paths in the /tmp directory, to gain elevated privileges on the guest system.
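The two temporary-file issues above (world-writable directories in the service startup script, hard-coded /tmp paths in libDeployPkg) belong to one bug class, and the sketch below shows the usual hardening pattern for it. It is an added example, not VMware code; the function names and the "deploy." prefix are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a private scratch directory instead of using a fixed /tmp path.
 * mkdtemp() picks an unpredictable name and creates the directory
 * atomically with mode 0700, so another local user cannot pre-create it
 * or place entries inside it. Returns 0 on success, -1 on error. */
int make_private_dir(char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "/tmp/deploy.XXXXXX"); /* hypothetical prefix */
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return mkdtemp(out) ? 0 : -1;
}

/* Create a new file for sensitive data inside `dir`.
 * O_EXCL fails if the name already exists (a planted symlink included),
 * O_NOFOLLOW never follows a symlink in the last path component, and
 * mode 0600 limits access to the owner (the umask can only narrow it).
 * Returns a file descriptor, or -1 with errno set. */
int create_secret_file(const char *dir, const char *name)
{
    char path[4096];
    int n = snprintf(path, sizeof path, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= sizeof path) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

/* Return 1 if `dir` is a real directory owned by the caller with no
 * group or world permission bits, 0 otherwise. Run before reuse. */
int dir_is_private(const char *dir)
{
    struct stat st;
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode))
        return 0;
    return st.st_uid == geteuid() && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}
```

A service that must reuse a directory across restarts can call dir_is_private() on it first and refuse to start when the check fails.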
Users are advised to apply updates.
More information about the update is available on:
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street