| Name | CVE-2008-1392 |
| Description | The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 486177 |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| vmware-package | source | (unstable) | (unfixed) | low | | 486177 |
Notes
[etch] - vmware-package <no-dsa> (Contrib not supported)
vmware-package just builds vmware from downloaded tarballs, the package itself
does not download them, however it needs to update its hashes for upstream tarballs