|
- Vendors & Products >
-
Radar
The Virtualization Industry Radar is the virtualization.info database tracking over 80 virtualization vendors and more than 100 products. -
Roadmap
The Virtualization Industry Roadmap tracks the past and upcoming releases for all the virtualization products listed on the Radar. -
Buyer's Guide
The virtualization.info Buyer's Guide compares the feature-set of several products in the same market segment. -
Reviews
The virtualization.info Review Center publishes extensive and unbiased analysis of enterprise virtualization products.
-
Radar
- Market Trends >
-
Challenges
The Virtualization Industry Challenges report tracks the top 10 issues when embracing virtualization. -
Predictions
The Virtualization Industry Predictions tracks all the forecasts of the leading analysis firms about the virtualization market for the next 5-10 years.
-
Challenges
- Resources >
-
Webcasts
The virtualization.info video library collects webcasts from the industry vendors about several virtualization topics. -
Interviews
Unplugged discussions with virtualization leaders.
-
Webcasts
- Services >
-
Rent-A-Lab
Rent-A-Lab is an on-demand data center that virtualization professionals can rent and access remotely. -
Job Board
The virtualization.info's Job Board is the place to go when looking for a new cool job in the virtualization industry. -
Bookstore
The virtualization.info's Bookstore allows to browse and buy any English book about virtualization technologies. Powered by Amazon.
-
Rent-A-Lab
- Get Together >
-
Vanguards Community
The virtualization.info Vanguards network connects over 2000 vitualization professionals across the globe. -
Virtualization Congress
The Virtualization Congress is the virtualization.info's independent conference about application, OS and hardware virtualization.
-
Vanguards Community
Major security vulnerability found in VMware products
Posted by Alessandro Perilli
| Wednesday, December 21, 2005
| 1 Comments
A new major security issue was found and communicated to VMware before posting on SecurityFocus (as ethical bug hunting should always be).
The flaw permits a malicious guest OS configured to use VMware NAT networking (VMnet8) to execute arbitrary code on host OS.
VMware products afflicted are Workstation 5.5, GSX Server 3.2, ACE 1.0.1 and Player 1.0.0.
To track the issue monitor the related VMware Knowledge Base article.
While the VMware Player is just released as 1.0.1 to fix the vulnerability, VMware still expected to release updated bits for Workstation, GSX and ACE.
Meanwhile you should disable the VMware NAT networking device as explained in this VMware Knowledge Base article.
Update: All afflicted products are now updated:
- Workstation 5.5.1 (b19175)
- GSX Server 3.2.1 (b19281)
- ACE 1.0.2 (b19206)
Bookmark & share this article
| Email this article 
| Subscribe to virtualization.info
| Email this article
| Subscribe to virtualization.info
1 Comments
slon26
Thursday, December 22, 2005 11:01:00 AM
VMware already released 5.5.1 where fixed this.
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
VMware v.5.5.1 Build 19175
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
VMware v.5.5.1 Build 19175
Add New Comment
About virtualization.info | Advertise | Contact | Subscribe | Sitemap
Copyright © 2003-2009 virtualization.info. All rights reserved.
Copyright © 2003-2009 virtualization.info. All rights reserved.
virtualization.info Editions: 日本語 | iPhone™
virtualization.info Network: virtualization.info | virtualization.tv | Virtualization Congress
virtualization.info Network: virtualization.info | virtualization.tv | Virtualization Congress
