Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: VMWare Security Advisories SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMWare Security Advisories

VMWare Released a new security advisory (VMSA-2012-0011) for its products [1]. The advisory covers pretty much all of VMWare's virtualization platforms (Player, Workstation, Fusions, ESX and ESXi). 

The in my opinion most severe vulnerability out of the two described would allow an attacker to execute code on the remote host, which could be used to "break out" of the guest. However, this issue requires that the attacker is able to load checkpoint files on the guest, which in turn requires the attacker to have full control of the guest, a typical requirement for VMWare escape.

The second vulnerability can lead to a denial of service. An attacker can crash the virtual machine by manipulating traffic to remote devices like keyboards or disks attached to the virtual machine.

I would not consider either one of these as "super critical", but in particular the first issue should be patched soon.

[1] http://www.vmware.com/security/advisories/VMSA-2012-0011.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS San Francisco Spring 2020

Johannes

3694 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!