
SANS Internet Storm Center (SANS ISC) InfoSec Forums

VMware updates resolve critical security issues (VMSA-2008-0005)

Last month we announced a critical VMware vulnerability that allowed a program running in a guest virtual machine to gain access to the host's complete file system and create or modify executable files in sensitive locations (that is, a true escape). The cause was a directory traversal vulnerability in VMware's shared folders capability on Windows.

VMware has announced a new security advisory that includes a set of updates for VMware Workstation, Player, Server, ACE, and Fusion (VMSA-2008-0005), resolving this vulnerability plus a few other relevant security issues:

  • a. Host to guest shared folder (HGFS) traversal vulnerability (CVE-2008-0923)
  • b. Insecure named pipes (CVE-2008-1361, CVE-2008-1362)
  • c. Updated libpng library to version 1.2.22 to address various security vulnerabilities (CVE-2007-5269)
  • d. Updated OpenSSL library to address various security vulnerabilities (CVE-2006-2940, CVE-2006-2937, CVE-2006-4343, CVE-2006-4339)
  • e. VIX API default setting changed to a more secure default value
  • f. Windows 2000 based hosted products privilege escalation vulnerability (CVE-2007-5618)
  • g. DHCP denial of service vulnerability (CVE-2008-1364)
  • h. Local privilege escalation on Windows based platforms by hijacking the VMware VMX configuration file (CVE-2008-1363)
  • i. Virtual Machine Communication Interface (VMCI) memory corruption resulting in denial of service (CVE-2008-1340)

The latest versions are:

  • VMware Workstation 6.0.3
  • VMware Workstation 5.5.6
  • VMware Player 2.0.3
  • VMware Player 1.0.6
  • VMware ACE 2.0.3
  • VMware ACE 1.0.5
  • VMware Server 1.0.5
  • VMware Fusion 1.1.1

Update as soon as possible!

Raul Siles

Mar 19th 2008
