Local File Corruption in VMware Open Virtual Machine Tools
CVE-2011-1681

Currently unrated

Key Information:

Vendor: Vmware
Status: Open-vm-tools
Vendor: CVE Published:; 10 April 2011

Summary

The vmware-hgfsmounter component within VMware Open Virtual Machine Tools allows local users to corrupt the /etc/mtab file. This occurs due to the component's failure to check whether resource limits, specifically RLIMIT_FSIZE, would obstruct appending to the file. A low RLIMIT_FSIZE value provides an avenue for triggering this corruption, potentially leading to system instability and exposing the system to further vulnerabilities.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/66699

vdb-entryx_refsource_XF

http://openwall.com/lists/oss-security/2011/03/14/5

mailing-listx_refsource_MLIST

http://secunia.com/advisories/44904

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 10, 2011
Vulnerability Reserved
Apr 9, 2011