Wow serious VMWare vulnerability HOST system infection



A flaw in vmware could allow malicious code to be run on the host machine according to Sunbeltblog and citing VMWare’s knowledge base. This is pretty big since this is something that’s not considered as a threat. (Many people use vmware and other virtual machines for malware/virus/spyware investigations because they’re supposed to be isolated from the host machine.)


A vulnerability has been discovered in vmnat.exe on Windows hosts and vmnet-natd on Linux systems. The vulnerability in this component affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1, VMware Player 1.0, and previous releases of these products. The vulnerability makes it possible for a malicious guest using a NAT networking configuration to execute unwanted code on the host machine.
VMware believes that the vulnerability is very serious and recommends that affected users update their products to the new releases available at www.vmware.com/download or change the configuration of the virtual machine so it does not use NAT networking.

It even affects the recent vmware player as noted above.

Related Posts

Blog Traffic Exchange Related Posts
  • Malicious .biz site and browser vulnerabilities This from incidents.org as well... A user visited a webpage and got redirected to hxxp://iframebiz.biz/dl/adv443.php (tt changed to xx to protect anyone from getting there...) Among other things... the page was obfuscated and many malicious bits of software loaded through javascript.... such as hxxp://iframebiz.biz/dl/adv443/sploit.anr and hxxp://iframebiz.biz/dl/loadadv443.exe and hxxp://iframebiz.biz/dl/adv443.hta and some......
  • Ubuntu-server 6.06 LTS plus vmware server and other vmware server notes What follows are some notes taken on vmware server. Most are related to an install on ubuntu-server (NO GUI INSTALLED).... the main point of this is to have the host system take as FEW resources away from the guests as possible. This requires a few x libraries - but not......
  • VMware server usb devices not listed on Mandriva host I've been using vmware server quite a bit of course, I've mentioned it before. I had never played around with accessing a usb device in the guest environment though. When I tried (host operating system is Mandriva 2006).... nothing was listed, in spite of several devices being plugged in (and......
Blog Traffic Exchange Related Websites
  • Coming Up with a Blog Niche Are you beginning a brand new blog? One of the first decisions that you are going to want to make is where you want to put your blog, and then you are going to need to choose a blog niche. One of the best ways to get your blog started......
  • Adobe Systems Patches 17 Critical Security Holes On June 29, Adobe Systems plugged 17 critical security holes affecting Adobe Reader and Acrobat including a patch for a zero-day vulnerability that impacted many of their other products, on multiple operating systems such as Windows, Mac and Linux.  The new versions of Acrobat and Reader are 8.2.3 and 9.3.3,......
  • Self-Hosted Open Source Softwares The most simple way to publish a website or blogs are by using the open sources software. These software are mostly free and ready for upload at their respective websites. They are also compatible with most of the database and language system of most hosting servers. The software or weblog......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site