GSD-2008-0923

Vulnerability from gsd - Updated: 2023-12-13 01:22
Details
Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a "%c0%2e%c0%2e" string.
Aliases
Aliases
CVE-2008-0923
To clipboard 

{
  "GSD": {
    "alias": "CVE-2008-0923",
    "description": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string.",
    "id": "GSD-2008-0923",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2008-0923"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0923"
      ],
      "details": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string.",
      "id": "GSD-2008-0923",
      "modified": "2023-12-13T01:22:59.060885Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0923",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "27944",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27944"
          },
          {
            "name": "29117",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29117"
          },
          {
            "name": "http://www.coresecurity.com/?action=item\u0026id=2129",
            "refsource": "MISC",
            "url": "http://www.coresecurity.com/?action=item\u0026id=2129"
          },
          {
            "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
          },
          {
            "name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
          },
          {
            "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
          },
          {
            "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
          },
          {
            "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
          },
          {
            "name": "1019493",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019493"
          },
          {
            "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
          },
          {
            "name": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034",
            "refsource": "CONFIRM",
            "url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
          },
          {
            "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
            "refsource": "MLIST",
            "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
          },
          {
            "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
          },
          {
            "name": "ADV-2008-0905",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0905/references"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
            "refsource": "CONFIRM",
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
          },
          {
            "name": "vmware-sharedfolders-directory-traversal(40837)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
          },
          {
            "name": "ADV-2008-0679",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0679"
          },
          {
            "name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
            "refsource": "FULLDISC",
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
          },
          {
            "name": "28276",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28276"
          },
          {
            "name": "3700",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3700"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vmware:ace:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:ace:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vmware_player:1.0.1_build_19317:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:ace:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:4.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vmware_player:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vmware_player:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0923"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing .. (dot dot) sequences, which bypasses the protection mechanism, as demonstrated using a \"%c0%2e%c0%2e\" string."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.coresecurity.com/?action=item\u0026id=2129",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.coresecurity.com/?action=item\u0026id=2129"
            },
            {
              "name": "27944",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/27944"
            },
            {
              "name": "1019493",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019493"
            },
            {
              "name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060457.html"
            },
            {
              "name": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://kb.vmware.com/selfservice/microsites/search.do?language=en_US\u0026cmd=displayKC\u0026externalId=1004034"
            },
            {
              "name": "29117",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29117"
            },
            {
              "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"
            },
            {
              "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"
            },
            {
              "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
            },
            {
              "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
            },
            {
              "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
            },
            {
              "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
            },
            {
              "name": "28276",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/28276"
            },
            {
              "name": "3700",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3700"
            },
            {
              "name": "ADV-2008-0905",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0905/references"
            },
            {
              "name": "ADV-2008-0679",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0679"
            },
            {
              "name": "vmware-sharedfolders-directory-traversal(40837)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40837"
            },
            {
              "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"
            },
            {
              "name": "20080225 CORE-2007-0930 Path Traversal vulnerability in VMware\u0027s shared folders implementation",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/488725/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T22:03Z",
      "publishedDate": "2008-02-26T00:44Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.