VMware updates resolve critical security issues (VMSA-2008-0005)

Published: 2008-03-19
Last Updated: 2008-03-19 04:06:24 UTC
by Raul Siles (Version: 1)
0 comment(s)

Last month we announced a critical VMware vulnerability where it was possible for a program running in a guest virtual machine to gain access to the host's complete file system and create or modify executable files in sensitive locations (that is, a true escape). The problem was due to a directory traversal vulnerability on the VMware share folder capabilities on Windows.

VMware has announced a new security advisory that includes a set of updates for VMware Workstation, Player, Server, ACE, and Fusion (VMSA-2008-0005), resolving this vulnerability plus a few other relevant security issues:

  • a.  Host to guest shared folder (HGFS) traversal vulnerability (CVE-2008-0923)
  • b. Insecure named pipes (CVE-2008-1361, CVE-2008-1362)
  • c.  Updated libpng library to version 1.2.22 to address various security vulnerabilities (CVE-2007-5269)
  • d.  Updated OpenSSL library to address various security vulnerabilities (CVE-2006-2940, CVE-2006-2937, CVE-2006-4343, CVE-2006-4339)
  • e.  VIX API default setting changed to a more secure default value
  • f.  Windows 2000 based hosted products privilege escalation vulnerability (CVE-2007-5618)
  • g.  DHCP denial of service vulnerability (CVE-2008-1364)
  • h.  Local Privilege Escalation on Windows based platforms by Hijacking VMware VMX configuration file (CVE-2008-1363)
  • i.  Virtual Machine Communication Interface (VMCI) memory corruption resulting in denial of service (CVE-2008-1340)

 The latest versions are:

  • VMware Workstation 6.0.3
  • VMware Workstation 5.5.6
  • VMware Player 2.0.3
  • VMware Player 1.0.6
  • VMware ACE 2.0.3
  • VMware ACE 1.0.5
  • VMware Server 1.0.5
  • VMware Fusion 1.1.1

 Update as soon as possible!

Raul Siles

Keywords: vmware
0 comment(s)


Diary Archives