Posts Tagged ‘vmware’

VMware Workstation ALSA Config File Local Privilege Escalation

This Metasploit module exploits a vulnerability in VMware Workstation Pro and Player on Linux which allows users to escalate their privileges by using an ALSA configuration file to load and execute a shared object as root when launching a virtual machine with an attached sound card. This Metasploit module has been tested successfully on VMware […]


HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions

HP Insight Control for VMware vCenter Server version 7.3 allows a low privileged attacker to read sensitive information files, decrypt all configuration server passwords, and gain access to the systems which in turn leads to the compromise of the whole infrastructure. Source: HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions


VMware VDP Known SSH Key

VMware vSphere Data Protection appliances 5.5.x through 6.1.x contain a known ssh private key for the local user admin who is a sudoer without password. Source: VMware VDP Known SSH Key