Summary
This host is installed with Sun xVM VirtualBox and is prone to Insecure Temporary Files vulnerability.
Impact
Successful exploitation will let the attacker perform malicious actions with the escalated previleges.
Impact Level: Application
Solution
Upgrade to the latest version 2.0.6 or above.
http://www.virtualbox.org/wiki/Downloads
Insight
Error is due to insecured handling of temporary files in the 'AcquireDaemonLock' function in ipcdUnix.cpp. This allows local users to overwrite arbitrary files via a symlink attack on a TMP/.vbox-$USER-ipc/lock temporary file.
Affected
Sun xVM VirutalBox version prior to 2.0.6 versions on all Windows platforms.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-5256 -
CVSS Base Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities