In association with heise online

« previous | next »
7 November 2008, 11:07

Flaw in VMware's CPU emulation allows privilege elevation

VMware has released updates for several of its products to solve two security problems. According to the vendor, the CPU hardware emulation contains a bug which causes trap flags to be processed incorrectly. The report says attackers could exploit this to elevate their privileges in guest systems. No further details were given.

While all product lines are generally affected, the flaw is no longer contained in the current Workstation and Player versions. All of the ESX and ESXi servers are still vulnerable. In addition, ESXi 3.5 and ESX 3.5 contain a directory traversal hole. The patches for the respective versions can be found in the vendor's original report.

See also:

(djwm)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-738031

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Diablo 3 (deutsch)
  9. Palit GeForce GTX 670
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit