Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: VMware Advisories and Patches SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
VMware Advisories and Patches

VMware released the following new and updated security advisories on October 4th:

 - VMSA-2008-0016 (new advisory)
  http://www.vmware.com/security/advisories/VMSA-2008-0016.html
  http://lists.vmware.com/pipermail/security-announce/2008/000037.html

 - VMSA-2008-0014.2 (updated advisory)
  http://www.vmware.com/security/advisories/VMSA-2008-0014.html 
  http://lists.vmware.com/pipermail/security-announce/2008/000038.html

These advisories list security issues that have been fixed in the following releases:

- VirtualCenter 2.5 Update 3 released on 10/3/08
- patches for ESXi and ESX 3.5 released on 10/3/08
- patches for ESX 3.0.1, 3.0.2, 3.0.3 released on 9/30/08
- new versions of VMware Workstation, Player, ACE, Server released on 7/28/08

The corresponding new blog entry is linked from http://www.vmware.com/security/

Please contact security@vmware.com if you have any questions.

Marcus H. Sachs
Director, SANS Internet Storm Center

Marcus

301 Posts
ISC Handler
from http://blogs.vmware.com/security/2008/10/new-and-updated.html

"One of the fixed security issues is a privilege escalation on certain 64-bit guest operating systems, CVE-2008-4279. It allows an attacker with a login account on a guest operating system to elevate their privileges on that system. The flaw doesn't allow for compromising the host system."

Two things, the link on CVE-2008-4279 is broken - not a SANS issue but it makes one wonder about control processes at VMWare especially in light of the last sentence in the excerpt above.

If a user can elevate their privileges on a guest system, they can gain access to areas they are normally prevented from reaching, thereby effecting a compromise. How can the blog statement possibly be true? It is if you consider insider exploitation to not be a compromise. An inappropriate view, but again, it makes one wonder about the thought processes over at VMWare.
Alan

57 Posts
Sorry about the broken links. I just fixed them. Also, two of the VMware links are not live yet. I just made a note of that.
Marcus

301 Posts
ISC Handler
Sorry about the broken links. I just fixed them. Also, two of the VMware links are not live yet. I just made a note of that.
Marcus

301 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!