Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: * VMWare vulnerability announced and fixed - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
* VMWare vulnerability announced and fixed
A report showed up on the bugtraq and vulnwatch mailing lists in the last few hours about a vulnerability (discovered by Tim Shelton) in a number of VMWare products (including Workstation, GSX, ACE, and player), that would allow the attacker to escape the virtual machine and execute code in the underlying host OS.  There are new builds which correct the issue (VMWare Workstation 5.5 is now up to build 19175, e.g.) dated 20 Dec on their website, and the bulletin has a timeline section that states that VMWare acknowledged the vulnerability when they released the new builds.  This one is pretty significant for folks who use VMWare for malware analysis or even to isolate/sandbox their web browsing and you are urged to update to the latest build or disable NAT as soon as possible.  From looking at the bulletin, it appears that Mr. Shelton has created a Metasploit module to exploit this vulnerability.

The vulnwatch article is here.
The Secunia advisory is here
VMWare's response is here.

---------------------------------
Jim Clausing, jclausing at isc.sans.org
I will be teaching next: Malware Reverse-Engineering Challenge - SANS New York City 2019

Jim

407 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!