{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-03-18T00:00:00", "descriptions": [{"lang": "en", "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "3755", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3755"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"name": "vmware-namedpipes-privilege-escalation(41259)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "1019621", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1019621"}, {"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"}, {"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"name": "ADV-2008-0905", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0905/references"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"}, {"name": "28276", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28276"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1362", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "3755", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3755"}, {"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"name": "vmware-namedpipes-privilege-escalation(41259)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"}, {"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "1019621", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019621"}, {"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"}, {"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"}, {"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"name": "ADV-2008-0905", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0905/references"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"}, {"name": "28276", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28276"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:17:34.550Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201209-25", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"name": "3755", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3755"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"name": "vmware-namedpipes-privilege-escalation(41259)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"name": "1019621", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1019621"}, {"name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"}, {"name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"name": "ADV-2008-0905", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0905/references"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"}, {"name": "28276", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28276"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1362", "datePublished": "2008-03-20T00:00:00", "dateReserved": "2008-03-17T00:00:00", "dateUpdated": "2024-08-07T08:17:34.550Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6F20A8E8-E07D-41B2-899F-2ABA9DD1C2C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:ace:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8E1A5AA-BD9F-4263-B7C6-E744323C4D74", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "47B13A58-1876-4322-AC25-107D43BABD2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6D04A928-4421-4BEE-9500-7398E4DB929B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6F2F6AF4-5987-43BC-9183-5DF7D6DE1EFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "088450C4-9C6F-4651-8D59-C36F1B0601BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F7AD12A-26C9-48AD-A32A-0F56545DF8E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "73C45BB0-C0DB-42B8-A238-B81D836CF91E", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "297226F7-05CB-4721-9D02-51FE2919D2DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B8DD6D27-1335-44EF-8B69-A9163A67BC2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6968BBA4-3A55-4495-ACB2-6F7535EBEAF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6FFF35E-DCFC-4C13-8C5A-7CE80A161370", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "2EBD26B9-60A6-4D6B-B031-0DA8A9F3323F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B7632A4-D120-434D-B35A-303640DB37AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6DFFE01E-BD0A-432E-B47C-D68DAADDD075", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "B3CF9F67-DE1A-4CB0-B3AB-B28DC8C02C4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_34685:*:*:*:*:*:*:*", "matchCriteriaId": "51C6D608-64DE-4CC4-9869-3342E8FD707F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.3_build_42958:*:*:*:*:*:*:*", "matchCriteriaId": "DDEAB605-03F6-4968-8A48-126C7C711043", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "16A1141D-9718-4A22-8FF2-AEAD28E07291", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:5.5.4_build_44386:*:*:*:*:*:*:*", "matchCriteriaId": "AE2ADE72-4F19-4E73-AC3E-7038FE0D38B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "89329F80-7134-4AB2-BDA3-E1B887F633B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of service by impersonating the authd process through an unspecified use of an \"insecurely created named pipe,\" a different vulnerability than CVE-2008-1361."}, {"lang": "es", "value": "VMware Workstation versiones 6.0.x anteriores a 6.0.3 y versiones 5.5.x anteriores a 5.5.6, VMware Player versiones 2.0.x anteriores a 2.0.3 y versiones 1.0.x anteriores a 1.0.6, VMware ACE versiones 2.0.x anteriores a 2.0.1 y versiones 1.0.x anteriores a 1.0.5, y VMware Server versiones 1.0.x anteriores a 1.0.5 para Windows permite a usuarios locales conseguir privilegios o provocar una denegaci\u00f3n de servicio utilizando la suplantaci\u00f3n del proceso authd a trav\u00e9s de un uso no especificado de una \"tuber\u00eda de nombres creada de forma no segura\", siendo una vulnerabilidad diferente que CVE-2008-1361."}], "id": "CVE-2008-1362", "lastModified": "2018-10-11T20:32:02.137", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-03-20T00:44:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3755"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1019621"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/28276"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0905/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41259"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}