Desktop Virtualization

Virtualization news and reviews

Gleb Reys March 18, 2008 1 Comment

Critical security vulnerabilities fixed in VMware's hosted products

Many of you have probably heard about the recent Core Security findings, published as security advisory CORE-2007-0930, which describes a path traversal vulnerability in VMware's shared folders implementation:

A vulnerability was found in VMware's shared folders mechanism that grants users of a Guest system read and write access to any portion of the Host's file system including the system folder and other security-sensitive files. Exploitation of this vulnerability allows attackers to break out of an isolated Guest system to compromise the underlying Host system that controls it.

Successful exploitation requires that the Shared Folders feature be enabled (which is the default on VMware products that have the feature) AND that at least one folder of the Host system is configured for sharing.
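The traversal the advisory describes comes down to a host-side resolver that joins a guest-supplied relative path onto the shared folder's root without checking that the result still lies under that root. The following Python model is an added example, not VMware's HGFS code and not taken from either advisory: `resolve_unchecked` shows the vulnerable pattern, `resolve_checked` the containment check that closes it, and `audit` runs both over a set of sample guest paths. The share root `/srv/vm-share` and the sample paths are constructed for the example; none of the files need to exist on disk.

```python
import os

# Assumed host directory exported to the guest (constructed for this example).
SHARE_ROOT = "/srv/vm-share"

# Constructed guest-supplied paths, as a guest might send them over the
# shared-folders channel.
SAMPLE_GUEST_PATHS = [
    "docs/report.txt",            # ordinary file inside the share
    "docs/../docs/notes.txt",     # harmless '..' that stays inside the share
    "../../outside.txt",          # classic traversal out of the share
    "..\\..\\outside.txt",        # same, with Windows separators
    "/outside.txt",               # absolute path that ignores the root entirely
]


class PathTraversalError(ValueError):
    """Raised when a guest-supplied path would leave the shared folder."""


def resolve_unchecked(share_root, guest_path):
    """Vulnerable pattern: join and normalise, but never verify containment.
    '../../outside.txt' resolves to a host file far outside share_root."""
    return os.path.normpath(os.path.join(share_root, guest_path))


def resolve_checked(share_root, guest_path):
    """Hardened pattern: canonicalise the root, refuse absolute guest paths,
    canonicalise the joined path and require it to remain under the root."""
    root = os.path.realpath(share_root)
    # Treat backslashes as separators too, so '..\\..' cannot slip past
    # a check that only understands '/'.
    relative = guest_path.replace("\\", "/")
    if relative.startswith("/"):
        raise PathTraversalError(f"absolute guest path rejected: {guest_path!r}")
    candidate = os.path.realpath(os.path.join(root, relative))
    # commonpath is the containment test; a naive candidate.startswith(root)
    # would wrongly accept '/srv/vm-share-other/x' as inside '/srv/vm-share'.
    if os.path.commonpath([root, candidate]) != root:
        raise PathTraversalError(f"guest path escapes share root: {guest_path!r}")
    return candidate


def audit(share_root, guest_paths):
    """Classify each guest path as 'allowed' or 'blocked' by the hardened resolver."""
    verdicts = {}
    for guest_path in guest_paths:
        try:
            resolve_checked(share_root, guest_path)
            verdicts[guest_path] = "allowed"
        except PathTraversalError:
            verdicts[guest_path] = "blocked"
    return verdicts


if __name__ == "__main__":
    for guest_path, verdict in audit(SHARE_ROOT, SAMPLE_GUEST_PATHS).items():
        unchecked = resolve_unchecked(SHARE_ROOT, guest_path)
        print(f"{verdict:8} {guest_path!r:28} unchecked resolver -> {unchecked}")
```

Running the script prints, for each sample path, whether the hardened resolver allows it and where the unchecked resolver would have pointed on the host. The check is applied after canonicalisation on purpose: `..` sequences and symlinks are only meaningful once the path has been resolved, and the containment test must be done on that resolved form. Until the patched versions listed below are installed, the advisory's own precondition suggests the simplest mitigation: keep Shared Folders disabled, or share no folder at all.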

VMware Shared Folders vulnerability

All versions of VMware's hosted products that include the Shared Folders feature are vulnerable:

  • VMware Workstation 6.0.2
  • VMware Workstation 5.5.4
  • VMware Player 2.0.2
  • VMware Player 1.0.4
  • VMware ACE 2.0.2
  • VMware ACE 1.0.2

VMware Fix for Shared Folders vulnerability

VMware has just released the VMSA-2008-0005 advisory, announcing a number of critical security vulnerabilities identified and fixed in the new releases of its hosted products.
The following security vulnerabilities have been addressed:

  1. Host to guest shared folder (HGFS) traversal vulnerability
  2. Insecure named pipes
  3. Updated libpng library to version 1.2.22 to address various security vulnerabilities
  4. Updated OpenSSL library to address various security vulnerabilities
  5. VIX API default setting changed to a more secure default value
  6. Windows 2000 based hosted products privilege escalation vulnerability
  7. DHCP denial of service vulnerability
  8. Local Privilege Escalation on Windows based platforms by hijacking VMware VMX configuration file
  9. Virtual Machine Communication Interface (VMCI) memory corruption resulting in denial of service

New versions of VMware hosted products

All of the above security fixes are incorporated in the following new versions of VMware products, all available for immediate download:

  • VMware Workstation 6.0.3 (Build# 80004)
  • VMware Workstation 5.5.6 (Build# 79688)
  • VMware Server 1.0.5 (Build# 80187)
  • VMware ACE 2.0.3 (Build# 80004) and VMware ACE 1.0.5 (Build# 79846)
  • VMware Fusion 1.1.1
  • VMware Player 2.0.3 (Build# 80004) and VMware Player 1.0.6 (Build# 80404)

Links:

  • Core Security advisory: CORE-2007-0930
  • VMware security advisory: VMSA-2008-0005

Filed Under: VMware Tagged With: security, security advisory, server, VMware, vmware player, vmware workstation, vulnerability, workstation

Comments

  1. Brendy says

    April 14, 2011 at 12:31 am

    That's really thinking out of the box. Thanks!
