Name | wp_vmware_tools |
CVE | CVE-2012-1518 |
Exploit Pack | White_Phosphorus |
Description | VMware Tools Incorrect Folder Permissions Privilege Escalation |
Notes | CVE Name: CVE-2012-1518 VENDOR: VMWare Notes: VMware Tools Incorrect Folder Permissions Privilege Escalation Affects VMWare tools installed by Workstation 8.0.1 and earlier Workstation 7.1.5 and earlier Player 4.0.1 and earlier Player 3.1.5 and earlier Fusion 4.1.1 and earlier ESXi 5.0 without patch ESXi500-201203102-SG ESXi 4.1 without patch ESXi410-201201402-BG ESXi 4.0 without patch ESXi400-201203402-BG ESXi 3.5 without patch ESXe350-201203402-T-BG ESX 4.1 without patch ESX410-201201401-SG ESX 4.0 without patch ESX400-201203401-SG ESX 3.5 without patch ESX350-201203402-BG This module works by setting the VMWare tools log file to write a .bat file to the All Users startup folder. Sucessfully testing on Windows XP, Vista, Windows 7 Even if the hosting hypervisor has been patched, a Virtual Machine will still be vulnerable untill the new version of VMWare tools is installed. VersionsAffected: Repeatability: Unlimited References: http://www.vmware.com/security/advisories/VMSA-2012-0007.html CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1518 Date public: 2012-04-12 |
Learn more about the CANVAS Exploit Pack here: White_Phosphorus |