Unrated severityNVD Advisory· Published Jun 5, 2008· Updated Jun 16, 2026
CVE-2008-0967
CVE-2008-0967
Description
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
42cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:vmware:esx_server:2.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx_server:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx_server:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx_server:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:vmware:player:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:vmware:server:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_server:1.0.5:*:*:*:*:*:*:*
- (no CPE)range: < 1.0.6 build 91891
cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:vmware:vmware_workstation:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vmware_workstation:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:workstation:6.0:*:*:*:*:*:*:*
- (no CPE)range: < 5.5.7 build 91707, < 6.0.4 build 93057
- Range: < 1.0.7 build 91707, < 2.0.4 build 93057
Patches
Vulnerability mechanics
References
12- secunia.com/advisories/30556nvdVendor Advisory
- www.vmware.com/security/advisories/VMSA-2008-0009.htmlnvdVendor Advisory
- www.vupen.com/english/advisories/2008/1744nvdVendor Advisory
- labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
- security.gentoo.org/glsa/glsa-201209-25.xmlnvd
- securityreason.com/securityalert/3922nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/493080/100/0/threadednvd
- www.securityfocus.com/bid/29557nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/42878nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4768nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5583nvd
News mentions
0No linked articles in our index yet.