VmWare 5.5

[RiC]

If you run Vmware, you need to update it ASAP

There’s a serious vulnerability that’s been found in Vmware that can make malware “leap” out of Vmware into your host system.

Since Vmware is used heavily in malware research, this is an obvious danger.

From Vmware’s KB:

A vulnerability has been discovered in vmnat.exe on Windows hosts and vmnet-natd on Linux systems. The vulnerability in this component affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1, VMware Player 1.0, and previous releases of these products. The vulnerability makes it possible for a malicious guest using a NAT networking configuration to execute unwanted code on the host machine.

VMware believes that the vulnerability is very serious and recommends that affected users update their products to the new releases available at www.vmware.com/download or change the configuration of the virtual machine so it does not use NAT networking.

Link here. More at SecurityFocus.

I just spoke with Vmware Support (Rahul was very helpful), and patches are only available for versions VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1, VMware Player 1.0. Apparently, all versions prior to these will need to address the problem by turning off NAT networking.

If you have any confusions or doubts, I would recommend contacting Vmware support.

Also, a tip: If you own an older version like 4.5, it’s likely considerably cheaper just to buy a Silver support contract than to pay the upgrade price. You get free upgrades with a Vmware support contract vs. just buying an upgrade. Check with Vmware to see if it makes sense.

[Shu_b]

VMware NAT Networking Buffer Overflow Vulnerability
Переполнение динамической памяти в реализации NAT в продуктах VMWare

Программа:
VMware Workstation 5.5 и более ранние версии
VMware GSX Server 3.2 и более ранние версии
VMware ACE 1.0.1 и более ранние версии
VMware Player 1.0 и более ранние версии

Опасность: Критическая
Наличие эксплоита: Нет
Описание:
Уязвимость позволяет удаленному пользователю выполнить произвольный код на целевой системе.

Переполнение динамической памяти существует из-за ошибки при обработке FTP запросов в "vmnat.exe" (Windows) и "vmnet-natd" (Linux). Удаленный пользователь может вызвать переполнение буфера с помощью специально сформированных "eprt" и "port" FTP команд. Удачная эксплуатация уязвимости позволит злоумышленнику выполнить произвольный код на целевой системе.

URL производителя: www.vmware.com

Решение: Установите исправление сайта производителя.
http://www.vmware.com/download

Источники:
http://secunia.com/advisories/18162/
http://www.securitylab.ru/vulnerability/243282.php

Original Advisory:
VMware:
http://www.vmware.com/support/kb/end...p?p_faqid=2000