|
|
|
VMWare: Virtual Machine Security Flaw Very Serious
By: Ryan Naraine
2005-12-22
Article Rating: / 1
There are 0 user comments on this Network Security & Hardware story.
The vendor has issued product patches for a very serious security flaw that puts customers at risk of remote code execution attacks.Virtual infrastructure software maker VMWare Inc. has rushed out fixes for a "very serious" security flaw that put users of its product line at risk of code execution attacks.
The vulnerability, which affects both Windows and Linux systems, affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1 and the free VMware Player 1.0. All previous versions of these products are also affected.
VMWare, of Palo Alto, Calif., acknowledged the vulnerability in a published advisory and warned that it is possible for a malicious guest using a NAT networking configuration to execute unwanted code on the host machine.
The company rates the vulnerability as "very serious" and recommends that affected users apply the updates provided or change the configuration of the virtual machine so it does not use NAT networking.
"If you choose not to update your product but want to ensure that the NAT service is not available, you can disable it completely on the host," VMWare said.
The flaw presents the biggest risk to malware researchers who use VMWares virtual computing software during the audition of virus, spyware and rootkit files. It could allow a malicious hacker to sidestep the virtual machine and exploit the underlying operating system.
"Since VMware is used heavily in malware research, this is an obvious danger," said Alex Eckelberry, president of anti-spyware vendor Sunbelt Software Inc. "If youre running [Windows] XP and youre running VMWare, the exploit could jump out of the virtual session and affect the underlying system."
 The VMWare Player showcases new virtual realities. Click here to read more.
Jim Clausing, an incident handler with the SANS ISC (Internet Storm Center) said the risks are significant for VMWare customers who use the affected product for malware analysis or to isolate/sandbox Web browsing.
In an interview, Clausing warned that there is a Metasploit module that provides a successful exploit of the vulnerability. "If youre using VMWare, you should be updating to the latest builds immediately, or you should be disabling NAT," he said.
Tim Shelton, the researcher credited with reporting the flaw, has published a proof-of-concept demonstration that shows how the buffer can be overwritten to launch exploit code.
Security alerts aggregator Secunia rates the flaw as "moderately critical."
The security hiccup comes at a sensitive time for VMWare. Earlier this month, the company released the VMWare Player as a free download to Windows and Linux users. In addition, VMWare announced a partnership with Mozilla Corp. to deliver the Browser Appliance, a virtual machine powered by Firefox that allows users to securely browse the Internet.
At the time, the company said the Firefox Browser Appliance can be combined with the VMware Player to protect against adware, spyware and other malware and to protect personal information.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
|
|
�������x}ks6*�Q3{L=RJ64ԭRQ$$1H-IVrO/v�K�Zc=g&-�`n4�w�}Aȹ3&�9)ٟG,z�Ij}݇@�Be�zNULsJ�Զn�L7n[c3�P/�!��kL|A�შ��b�H ���%�j'A]k|c{F}_2F�7�\�3�Ѣ�eb�^P�$ȁ_M¦�%yHC�DR�ɏ�m@|#�ַ(>r@ߩ�V�ANé-}!*{:|HJ%h��ʏш1"|x\'gώ>г{/�PQ�X?!�ڮq�4]�"�X'�[vkx!D�y!rs�#�g�ݻ�`$nRvn8Gd`jĤAR�-�XF2M*-f{ӡk)�ux�
5\`p�)jHZ6{n��_w$z�(֛z$=+~�daSCIHo*! lV=�Rچg�?-�Ib�H8CEn] ؾ�t�syHn��U�$ENX*�o�~�cn�!Lj�X�vL<:�CYͼaF3l˸;4
HSKVUBX)ڑx>o9{ۖ3p*sgyÝ|k7;Wʪ)Jw9ʑ�GA
�m�h[Jv^V\w{>~n��9G$HcA~N~7&
LT)�Jj\(�ML�0h�5&� :^gN{���_ x�[�ԊhGZAAv��Ina�̳|�3�+i3*5dNߒ-~k~>E,[3sAT4
̠�K`Wk�eP9m<_st.[ݛ�9^VsCV=BCj`Bӹc�iuuUZz�܃-�x��6�b
M��u�ô|WVK5IC{r&�t|9!9Io
'?��;Be}#�7�ReQ
�o̱n>�@|ˤd&r*� ?0@/��a j56kiBu��V�!`J��ܺNR�49�Vϡ��蟉$W�m�4�@r5�)6B̄H )wR<�?��z@@�ZR~nV(�U�S%EI7#DD� v23~�B(��pHq��> z%�e1\Ӱu�irq���]7+De.
s5-wfzˢ�;\g8m7-һ^5?aUb}ƺƻ��KEhYf7-$��ꨦUʵt�~~�,VRSW, �F̶#ؠ�S&�s;y0�`���;}J�Oiͧ89~��t$�ࠣM��/�G˥qf�1�@�
L�n0i�\�+���Gݺ~L߳�=��Wԇ5j`�I
�l"�]�LR}>l�8d
$(s�w[L,)`A��#`���V��<� �2/?C�n@�}S(�}�9g�)�nвc@!4ӃiА4XĽǦ��Y}6-jG�r�Ǹ%�q�9an5�Ɖ<\yv�=�.У|8$4<3_O#kۖs�M���߄V�9uC \D r}͚X� 4ؐ�|&B77cn�^ښtɕu.F�(�hJ�~)d�z~�#J�ݼ^`��;h{q#%IAw
�=�U檳�@d:[6[K�7˦�F"$l�J�~eXZ�@-��*46@0V�_Xv�o�jQtV(&��АT
um:\X3,#��%.�?W0�Z�Ԓ6d6@=p�pZ#}nP
jrA5 Ȕm0UKU9,Wfn
����(��)r?-j(6�SXSĝ�u<\| �f�l.n������p6h>JeH�w6q�-
CO5,��v&V�fj:Y[�3�4�2.|O\��V,'0{�#�Všk/3Kw�aﴽ.JM.jFd>n '�L[!B����D+ه0`�,�ED>t�ZB_`��/Ƥ_$I?րH{A��2,exY5mI\v '�Yw�$�EifRKr�9&�zI4e�$\o秺�
ؕGa/AOY�*#؉��k��o` 12l�3u�/.fr|tݱM% y�AG5�耰��!L`V0!�+
#m6qJs�-"uW:gKjS��Z+�::>j��瞏�+kF�$*�X�
� d5}�u��*ZWӪ`⬄�Bc$ D!��#2�z q�[kh0h-f;�Z�w�Ԫ6�
h)�6YS!RW�
dĞ�e�eKed�jC鳨<�gE-_M�>�-̓Sw&Z��Ĵ\.@
^�(�93+F_]-M:f2/��c�>ϣ��=W5K�XBb+�>�A:+lm`̧s{_`pl1�\Anc>֍Ln�yUc�6~�z�zi0bZ`(n<0{�L3wJ�=
Phn4r�l2~6PZMm"y'ث�D>$g;}'D`�wT0�MO�0=@"��#f.s_�wf�=]٘�i
�}SU�ה�*eάɢ�(Ъ6��#�i��w�2<�]c>�?/$*RQv+T5LdR,WEzz�`-XPj�B�L*>"ѧM�C/
PNZC^�$G|)�AU��%UHU(V
�$�y�U;*h�7xџ6YD+(++i-^2�ǽa�m.E�9[��4˷�ʨKV-�,sK"hʊg�_|�r[rn)ty��Ć5(4C-Bwyr�`��3W�4$Nc�VpDMb?ҁ�h)03?0RlʪV�uZU
ՂVE'�sٞEA(zߋC�WuRԣo{{�C4}óf�?"X7S�wg�ts�̇)u͇RiE�mT)玾ߓJ\X }ĵ��) rA-��ã,D(�_d�2rY�j�+dP��Hbx|{W
!&1ǷWXO\�dK!O�7ƒ"����q��D;}ZPf�7&3 111u/xqi`�~Ъ�[(
L ��$q�)YUi�hj/nL0ƙc�5al�9)e�~�u�{tZCR6i/6/:_�� �?��:N���9kw>4�{4{J�xY�pU\8$#�_>^w?]Ec�]�Gyi8dF&{Pv�B�,
H13Q=+"WVsQކۧ0F@q
Ɏ�wsѼع�_xtϻ�9\$1~J`'�
yxyru4+$yy��|hq0nmǛ&����L�kd�3;&W쐶Cվt[k,�W�ZXKr!�Vj,<9Aϐa(�n4�'lS돽5/ؿ+,k�̚_�f·?|CCJNx,�(G��b r
H)'4��N%:�\bϻ;H4�hp�k�C*Q�W2R�Eh�I�A&'&g
<"D&9F�hDu~mpEb�}C�gax!wl08D@ISL�&Q([I;`deQnKlx8e%RL锐'g.ϕp��|Nh�'I^VR6T$��4%!44ALNbC]A+#g�һj^nOpV�H�p._xvImK$��Ζ�&"�̗4.נ�y8��V�#[vx~�t�a}QגZ4ҫoeW!9��?<-@�s`:�<�@´+,�zTVHlw;u`�q&k��?�dN-Ƅ��`s�k@ϝO(|@��]+���U@<@�{�.=ا�H�YX�xlSֻ�13�Y#A!{� Rf�"��]N�X�r?�4h�g
azc[ʹ�39#@�*y�h�\]�[ݚ�8)<�A~A<
vD�4�);˷xJz}in;�d�⫆ܖ�~�@z'�zYOX��W+O*OBWc+YTޞ�1;l�V���3S�O�pM_k
w]�5p M[k!/1�%]Kдg=.00S�/s�K[��^}:lQߏo%~2y-���X#v<:KDguXP?DI=OF�bOO^~on�,��CqF@\RXb��rolUM�~k's*E�~Tol[ӠTPG�^��SOPp�/}~c/B�өo[w�i^VSjrԫ3k<�C1-⧩��?uuo��Ch/K�/+��n�*�>#^UbErKNv�QT&Br'<6~/n!,+�E{﮶�OYMh4q9o���AhgӔ׆�.CL�gC1I�QT=`[QQ?ۧiEl��T��_p%��'5XĻ�H,Il�vI-���1�RnI!%�q`
,U�j)N44K�21"$wWy57��J&&[OtȔ0bi߭c])&���/6�L98a6'P&;ZQJՊ}j<(�?�n��7�^�l�z6#&K->���?
j=N]�jrw%�N=�~�Ķ�bZ�uzH�
9gh4hT�| [�f/s٩/]{�M�֓D��,T&?�o`'$�Hב8D ��1L#���pS¤)$�h��P�%Uѹ�6^N��h�^�I`$D-%:%q�חZ*��,`
E\6CoGeG���`)��9s.Gj3�
)g5sopT(q�q7777YהBM{:W/^�K0[?ty4LDW�RN]M�F3Ҍ7E��-�T�pg0O�7O065T:vQ0A�"Z@mɧ+i_.ȼ;e�X1g��:}l��1jQ-q5{B�I_J��7�+��1�+>H!}NƓ_ݒ
/`hZܔz�kTx%�\Zy*SI9?YM|'\%�k��Fcj� ~(� �Ϸz#ċ"ϦW dK1&He:bN�X<*d!Y76�k �6t
\'D�^5� ��3p�oE=�awuc[rCչA.cO�e�!p+o}SJRG�n9:W��qTX�kMx0�4rP-n�?�*<ɳ;�@%2^i�qSHx[[rP_t�����E$ԗ`��wRx ��Ll��,!4BF�Z^�$�GBpoӺ}*iB<�ɽ]ҿÄ98989898߸�#*oPRUY1U@1!h+�^<=Kڮ52
d� Y(Up��]y�[C�a(@ڛ�ɝX�etYmС>Hc-{�\hKD@�A6�/taZ�H473%G"c7v=_3`BaOx}�:
?
N0j �Kl�=$>aч�Wɰ��kl.�VEb_N~
}�խ��#�0`k�{RBv'E /}mdin.]>Z�L�"s� &4S[�+
n5/{ĉ"k#o}ܫ�l��7Q8ld2�ӈ�ތ�xBߣnoƶ57l&aANso�~5x�X] q,�;v�҃V\r:�ܱ9��ş-z˯�*R�3wr�["
)lB/4'5O�si`Z~�7o~P!ijΠ6k?0��ZߘmɚLHj�~ж}A˽?V46
mY�[`}XM�EY>�*淵췱gyN;W}V)K2jhk+1}ʤelC�`lï^�J�i��f#eĆ4[a+I�錃qlrGJ_=�X��L4skx��(&0%K7{- rpBLI�|`u1��A�p\|@Q�ha֭Bz�/EҶ�C�{T_[��_Ukr�2О$Mw�q�X�ъ#;Ћ��=d��q�!T7,iKg!PjwT60?�P=G?ځrU����9So|֊�[NۓiΞCm�,%��f|l9>QiH��c�-1~R�<�$^X��PAgXt�<#"�S_\ߣ���Y?`Cqfɷw1^cd2Q�ȏ�Q
Q�E��)�n֝JSTC�䉯["
����~ui��x��#@K�٭,=�f|'�b�!rc[at��@TQվv0�cp[,zŽ+pf�$e
_Mt,6a�`�/)ȁ;[
��(я TmSO&�7�Ns�J�(aږ[�ɱ+A#샒�=�%h��S!,q)Ds�Q,?Ñ:-���AXy-��E�9��D�NE07��vyac`8(ĒI
)#�m���/-Iyp00�drS,�Y�K7�c.}ZE%�|�Z
iE�]J1xy��[O֘1h*B Uٜ�A�5���RU
BI��?ȅ�|^3�Hsr�3#�m�v \�mz^CvJ;7�^h6�]4_q�=!o7ݝ�AfnVu&r��C[wn9#On@ zp�'�@�16l,nO.�2��V&TRӰp-3|ri?�NRu���s�b*1̶1pB�RR,Cy^�iwqݗǮV5U*�5��N89vaڜI\�q':Rg�y祒V,T˩u^Gp�=X2x
w�%.`\lG�N$(�b��~-=�-��O9:��fl9
c{_[
w5(�`v3%[ �,o8�7�Zx.%5&o[I{e��>9bӹ�%�iѩ
�HuWkmR)9�SRmF��Ν�z_abu{ι Fʒ2 MW�lfmےV�o5JK$,l�7H �tAtGw,�@8�(�LF�DқQ̩�/Hk_oDΡgZܳVܞVk",,�JXy�rBGیh%=mP,�(]~�B< E�M)<ĘRd
� Ą[)bUfwܠ~z�*ڟO�ve^n�n��ZUFGȚXw"�t bJ �ݲY�;�_|L`߄7>�z�C�..�
Arj$Ƿp�
?>}A6�ژy��iF$��Rx &�Gd.$�'�k3`wzS/~:m#!k^�bΑ윰Qor}SjJ��ԝ��}�p�\pj4HTdL4B&(qTik$<49|_zLiJ�% �
�5"���Y c2F$�hD1fHǼ�͈ )9 ǡlc0
RǠ�QD�\11Faŷ^(�l�C�;b21#|>Oc(�ȗ�H-*�ɑ�E�Q\U�P�*@J��>S�|������?/KL)!H0Z�onA)
&.X`3��Y�ej��xp�Ƨ�X<>�� 4鐚x,��dj�0�,ywFw`C'[��E9�Y|ob{�LgA~^\b�@Ԑ0�(VIB�u�XRFB(�s�
�S�$c
36ú~6�_F`��p���3�W�VjE)OBӁRs]� U8�|mx4,4Ꟊe]K&JZ!
�`x�zNrdhz?;�X~@|�LBz،\�ݹ�,0B�9^&9nIqst/q{�5�_QwBrҽrڹl_]w.ƩL·_s}mR<�e�jE)sC9�lꌹ6�Wd;πW𒈾(ah,.6ug$;G(%lGyz�Uzu7M�&6鏩Bfuljŵ�N#g5^LWkFN\3C|M@ЦoJ�c>s�N�M�o���
)n}>e;�MjV}Qy�xQ�Q+Q~
כO͌.w3ʑ[@V;�O6�}N3�OPisY'8l.rN+�deF9^K/�\~�3l��EF/�E�|E�}/>��_d�"?/?/2�e2sF�e
Q~���0�{ s!?0~���wAt3O�K7C\�\e�5u���cs'O��?gC>g3s�n&�&oon2/9IR<��9k^픊�8k�gK�"
SV9,.O3kP
g���~-2*B~�y/�} kJ+ťW�*7YKxM}%k{[F1nv�dtb�at�5KHe^M*!#(,8%Y}MNJ�4tk 7b[y�DYAI{R}tE��I>t�p]"&JR7[O'´Z}5_9��x=U2�6#�{"tfc2 % /]#=D(�s�2��xwI0?ۓ{��go�].�6pqSh7��pK|��`
�}z�.omG;yh#62vf;�w�oCd
y^$�ٟ�>��x�P�[LԸRGpoQV"
#�<5 b7Jg�?f�>taO��vHy>j~l|Z/O�*8�uߚ�Yu8��%�� {YV&@Y8'}Q�?�O>fƄ�=�7Cz�K=v�;ޘ]*<́a[�CR'|(VT+[-WJr=�La8 "8���fDdU*�.�ZX��,.g
�/(�@#غ̷|R'C7<8i�Rq�
x+[&� WR��1�=:lǬ*�ۼx�`T�)��؛��ގe�@��?o��
;X
�j-$R1W!+Bfx?;��c�6�1bn4�1|�u¿�z:9e�3Ob0t9+hwޠ��
{}�z<8�JN),#�[�o�t�z\d�Ldp!gB-[˫t!_Pe)�D ˦憫�:X֞/sn�@aƈ�kDM�In�_!�x'G9Erl|ϖؼ<"�=0Hk�X�009�s]^�̇~K�ܻ-I5�s� �(*-c�8]r�N=X�v7i�61��py3 3��w' ��Ы~:��m
�o1I45~�ɱf�( �k�DF(t#by��ܝ0�S@d[�0e�7t�gG=ם�Pa_nܙ%O/T�B�#�lu��f̈́]%]P��#Kwl/&�?�\v������2#z�MO�]n�BaIg�K�k�z��̄0Q|cx?K+_yl�x$Qh/I'�kQ��~%0uo�O�
챧�47 gs�l+.Ġ/3>g'4WBMx�Yu�m&$rq�;at>]&w��~ł�)#,|Hn犱Lt6q�>ZΝXAe0D00�Y��~l'>FՋpO`{��ƣ�/}ƠC)�evwF{&��n='�IDπn���uMfβR?�;ô�z JJ @b
%JvM�^
=c"?? N_$�v�5�B+π��8>eHC[gy2T~{J=*P�=eZRO:]�n"8�Y ϒޒێ־(� ;F6�N�>�L�A��>X�Z��#r�9ebV)qd�F��-["@#
e`1|4aehDS0T6y6s*>ݠK��A1^<�&;z�Bc*1�ue|�nTȂU�f2{M{:��x���M0I�S`�/B�}^nT 2+1�
<&`ߟ�2%�L\�-( �O]%
hWa)0e71KLP`Ol3ӈj3w*�3/�&u@EqDgPvxGmm<^|:ym뎮�E{�gu�ݍfmx�:2 ��FW�cV|JrX}P/)W�
]'[S�ܟ=B�ɗa��҃f9_�X��($�LwEN�8u
vQѺ
v�7"�aa"^o1n,ـ9@����s=*.u�el�6r!*
XGڦFMQaW�~i`P*��AtX3'
c�ٰ���^|c�wϏp�`�3[]g0^NpN&}k\ȏ,,�d[녗Z']YQhXj�=�E"ҁ
)Q~)'vX�3e�|"@a)5\BLN�So
3pRaL ��$b[и�gvC�%�=\s.'tĵa=!>D!6�xvYpMI{�C[7nyq䗏O-)h,-(Z�NN`��YXfչ�%ȕ/�5F#x�oU��A5̺J"<&/��#iQg8&r�&5X-lu�
og"f/�On6%s|N�KIkn^�ͦG(ϙ}�>4&l>)vml-6�C-�{�j*��
|
Network Security & Hardware 
