In association with heise online

02 June 2008, 09:39

Update closes critical holes in VMWare Workstation, Player and ACE

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A flaw in VMWare's shared folders has been identified, which could allow an attacker to break out of the guest virtual machine. A similar problem was found and fixed in Feburary this year. A heap overflow in the VMware Host Guest File System (HGFS) allows users to break out of the virtual environment. According to a statement by the vendor the overflow allows malicious code to be executed on the host system. However, shared folders are not enabled by default in any VMware products. VMware Workstation 6.0.3, VMware Player 2.0.3, VMware ACE 2.0.3 and VMware Fusion 1.1.1 are affected, as are the earlier versions of the equivalent products for Windows, Linux and Mac. VMware Workstation 5.x, VMware Player 1.x and VMware ACE 1.x are not affected, although the vendor has explicitly pointed out that these products will no longer be supported from September 11, 2008. VMware Server, ESX and ESXi are not vulnerable because they don't support shared folders.

The new versions also fix another vulnerability which allowed attackers to inject and execute arbitrary code on the host system. The problem was caused by an undocumented flaw in the experimental Virtual Machine Communication Interface (VCMI) feature of VMware Workstation 6.x, VMware Player 2.x and VMware ACE 2.x. This feature is designed to enable guest systems to communicate with each other. The flaw affects Windows systems but not Linux systems. The vendor already had to fix a vulnerability in VCMI in a previous update.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit