VMSA-2012-0011 : VMware hosted products and ESXi and ESX patches address security issues

NASLDB: VMSA-2012-0011 : VMware hosted products and ESXi and ESX patches address security issues

General

ID: 59506
Name: VMSA-2012-0011 : VMware hosted products and ESXi and ESX patches address security issues

Summary: Looks for patch(es) in esxupdate output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: VMware ESX Local Security Checks
Type: Local

Description

a. VMware Host Checkpoint file memory corruption

Input data is not properly validated when loading Checkpoint files.
This may allow an attacker with the ability to load a specially
crafted Checkpoint file to execute arbitrary code on the host.

Workaround
– None identified

Mitigation
– Do not import virtual machines from untrusted sources.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2012-3288 to this issue.

b. VMware Virtual Machine Remote Device Denial of Service

A device (e.g. CD-ROM, keyboard) that is available to a virtual
machine while physically connected to a system that does not run the
virtual machine is referred to as a remote device.

Traffic coming from remote virtual devices is incorrectly handled.
This may allow an attacker who is capable of manipulating the
traffic from a remote virtual device to crash the virtual machine.

Workaround
– None identified

Mitigation
– Users need administrative privileges on the virtual machine
in order to attach remote devices.
– Do not attach untrusted remote devices to a virtual machine.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2012-3289 to this issue.