CVE-2016-5330
CVE-2016-5330
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/41711no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.htmlhttp://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideloadhttp://www.securityfocus.com/archive/1/539131/100/0/threadedhttp://www.securityfocus.com/bid/92323http://www.securitytracker.com/id/1036544http://www.securitytracker.com/id/1036545http://www.securitytracker.com/id/1036619http://www.vmware.com/security/advisories/VMSA-2016-0010.html