VMware Workstation/Player/Fusion/ESXi/ESX 4.0/4.1/5.0/5.1/9.0 Invalid Port VMX Process denial of service
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.4 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic has been found in VMware Workstation, Player, Fusion, ESXi and ESX 4.0/4.1/5.0/5.1/9.0. The impacted element is an unknown function of the component Invalid Port Handler. Performing a manipulation results in denial of service (VMX Process). This vulnerability is reported as CVE-2014-1208. Moreover, an exploit is present. Applying a patch is the recommended action to fix this issue.
Details
A vulnerability classified as problematic has been found in VMware Workstation, Player, Fusion, ESXi and ESX 4.0/4.1/5.0/5.1/9.0 (Virtualization Software). This affects some unknown processing of the component Invalid Port Handler. The manipulation with an unknown input leads to a denial of service vulnerability (VMX Process). CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The summary by CVE is:
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
The weakness was disclosed 01/16/2014 with Recurity Labs/Bundesamt Sicherheit in der Informationstechnik as VMSA-2014-0001 as confirmed advisory (Website). The advisory is shared at vmware.com. The public release has been coordinated in cooperation with VMware. This vulnerability is uniquely identified as CVE-2014-1208 since 01/07/2014. The exploitability is told to be easy. An attack has to be approached locally. No form of authentication is needed for exploitation. Technical details are unknown but a public exploit is available.
After immediately, there has been an exploit disclosed. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 72036 (VMware Fusion 5.x < 5.0.1 VMX Process DoS (VMSA-2014-0001)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family MacOS X Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 216060 (VMware ESXi 4.1.0 Patch Release ESXi410-201312001 Missing (KB2061210)).
Applying the patch VMSA-2014-0001 is able to eliminate this problem. The bugfix is ready for download at vmware.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (90558), Tenable (72036), SecurityFocus (BID 64994†), OSVDB (102197†) and Secunia (SA56499†). The entries VDB-11634, VDB-11996 and VDB-11998 are pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Affected
- VMware Workstation 9.0
- VMware Player 5.0
- VMware Fusion 5.0
- VMware ESX 4.0
- VMware ESX 4.1
- VMware ESXi 4.0
- VMware ESXi 4.1
- VMware ESXi 5.0
- VMware ESXi 5.1
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.vmware.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.2VulDB Meta Temp Score: 5.4
VulDB Base Score: 6.2
VulDB Temp Score: 5.4
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Name: VMX ProcessClass: Denial of service / VMX Process
CWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Partially
Availability: 🔍
Access: Public
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 72036
Nessus Name: VMware Fusion 5.x < 5.0.1 VMX Process DoS (VMSA-2014-0001)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Port: 🔍
OpenVAS ID: 103884
OpenVAS Name: VMSA-2014-0001 VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Patch: VMSA-2014-0001
Timeline
01/07/2014 🔍01/16/2014 🔍
01/16/2014 🔍
01/16/2014 🔍
01/16/2014 🔍
01/16/2014 🔍
01/17/2014 🔍
01/19/2014 🔍
01/20/2014 🔍
01/20/2014 🔍
06/08/2021 🔍
Sources
Vendor: vmware.comAdvisory: VMSA-2014-0001
Organization: Recurity Labs/Bundesamt Sicherheit in der Informationstechnik
Status: Confirmed
Confirmation: 🔍
Coordinated: 🔍
CVE: CVE-2014-1208 (🔍)
GCVE (CVE): GCVE-0-2014-1208
GCVE (VulDB): GCVE-100-11997
OVAL: 🔍
IAVM: 🔍
X-Force: 90558 - VMware ESXi and ESX invalid ports denial of service, Medium Risk
SecurityFocus: 64994
Secunia: 56499 - VMware ESXi / ESX Two Denial of Service Weaknesses, Not Critical
OSVDB: 102197
SecurityTracker: 1029643
Vulnerability Center: 43016 - VMware Workstation, Player, Fusion, ESX and ESXi Remote DoS Vulnerability via Invalid Port to VMX Process, Low
scip Labs: https://www.scip.ch/en/?labs.20060413
See also: 🔍
Entry
Created: 01/20/2014 13:52Updated: 06/08/2021 13:21
Changes: 01/20/2014 13:52 (93), 05/19/2017 11:06 (2), 06/08/2021 13:09 (3), 06/08/2021 13:15 (2), 06/08/2021 13:21 (1)
Complete: 🔍
Committer:
Cache ID: 216:A8F:103
No comments yet. Languages: en.
Please log in to comment.