Vulnerability & Exploit Database

Back to search

VMware Workstation ALSA Config File Local Privilege Escalation

This module exploits a vulnerability in VMware Workstation Pro and Player on Linux which allows users to escalate their privileges by using an ALSA configuration file to load and execute a shared object as root when launching a virtual machine with an attached sound card. This module has been tested successfully on VMware Player version 12.5.0 on Debian Linux 8 Jessie.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/local/vmware_alsa_config

Authors

  • Jann Horn
  • bcoles <bcoles [at] gmail.com>

References

Targets

  • Linux x86
  • Linux x64

Platforms

  • linux

Architectures

  • x86
  • x64
  • x86
  • x64

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/local/vmware_alsa_config msf exploit(vmware_alsa_config) > show targets ...targets... msf exploit(vmware_alsa_config) > set TARGET <target-id> msf exploit(vmware_alsa_config) > show options ...show and set options... msf exploit(vmware_alsa_config) > exploit

Related Vulnerabilities