----- Original Message -----
From: "Dave Ahmad" <da@securityfocus.com>
To: <bugtraq@securityfocus.com>
Sent: Wednesday, July 23, 2003 2:09 PM
Subject: VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) vulnerability

>
> David Mirza Ahmad
> Symantec
>
> PGP: 0x26005712
> 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12
> --
> The battle for the past is for the future.
> We must be the winners of the memory war.

[Attachment: GSX_WS_PR29113_Bugtraq_vulnerability_posting.asc]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Description
- -----------

The following products have a vulnerability that can allow a
user of the host system to start an arbitrary program with
root privileges:

VMware GSX Server 2.5.1 (for Linux systems) build 4968 and
earlier releases
VMware Workstation 4.0 (for Linux systems) and earlier releases


Details/Impact
- --------------

By manipulating the VMware GSX Server and VMware Workstation
environment variables, a program such as a shell session with
root privileges could be started when a virtual machine is
launched. The user would then have full access to the host.

VMware strongly urges customers running GSX Server and
Workstation (for Linux systems) to upgrade as soon
as possible.

Customers running any version of VMware GSX Server or
Workstation (for Windows operating systems) are not subject to
this vulnerability.

Solution
- --------

To correct the vulnerability in VMware Workstation 4.0, VMware
has released the following:

- - Workstation 4.0.1

To correct the vulnerability in GSX Server 2.5.1, VMware will
release the following:

- - GSX Server 2.5.1 patch 1 (for Linux systems)

Details
- -----------
GSX Server 2.5.1 patch 1 (for Linux systems)

VMware GSX Server customers with support services are entitled
to download and install this patched version. VMware strongly
urges customers running GSX Server (for Linux
systems) to upgrade as soon as possible.

VMware GSX Server customers with support services are entitled
to download and install this patched version from

http://www.vmware.com/vmwarestore/newstore/download.jsp?ProductCode=GSX-LX-ESD

This will be available soon.

Upgrade instructions are at:
http://www.vmware.com/support/gsx25/doc/upgrade_gsx.html

- -----------
VMware Workstation 4.0.1

VMware Workstation customers, if covered under the VMware Workstation Product
Upgrade Policy as described at:

http://www.vmware.com/vmwarestore/pricing.html

are entitled to download and install this updated version from

http://www.vmware.com/vmwarestore/newstore/download.jsp?ProductCode=WKST4-LX-ESD

This is available today.

Upgrade instructions are at

http://www.vmware.com/support/ws4/doc/ws40_upgrade.html


Notes
- -----

* VMware wishes to thank Paul Szabo of the University of Sydney for alerting us
to this vulnerability.

His Web page is at:
http://www.maths.usyd.edu.au:8000/u/psz/


* VMware has posted a knowledge base article that describes this problem:

http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1039

- -----------------
This document is clear signed with PGP.

VMware has the PGP public key available at

http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1055

Some mail programs cause changes to mail messages and content,
which may result in an indication that the PGP signature for
this message is not valid. This may also occur if this
message is forwarded through another email distribution list
that changes the "From" field. Please try saving the message
into a file and then running PGP on it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)

iD8DBQE/HwWTLsZLrftG15MRAhXiAJ9vFcGCqKmTG+vzqXrHoiXbuTFNnACgwBwp
K3nnGqL48DDolgn8TFY6zSY=
=Dblu
-----END PGP SIGNATURE-----
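
A general hardening pattern for the class of flaw the advisory describes (a privileged program influenced by environment variables the invoking user controls), shown as an added example that is not VMware's code or its fix: before executing anything, the launcher builds a fresh environment from an allow-list. The variable names, the fixed search path and the 255-byte value limit are assumptions chosen for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed allow-list: the only caller-supplied variables passed through. */
static const char *const ALLOWED[] = { "DISPLAY", "LANG", "TERM", "TZ" };
#define N_ALLOWED (sizeof ALLOWED / sizeof ALLOWED[0])

/* Search path fixed by the program, never inherited from the caller. */
static char SAFE_PATH[] = "PATH=/usr/sbin:/usr/bin:/sbin:/bin";

/* A value is accepted only if it is short and free of control characters. */
static int value_ok(const char *v)
{
    if (strlen(v) > 255)
        return 0;
    for (; *v != '\0'; v++)
        if ((unsigned char)*v < 0x20 || *v == 0x7f)
            return 0;
    return 1;
}

/* First "name=value" entry for name in env, or NULL if absent. */
static char *find_entry(char *const env[], const char *name)
{
    size_t len = strlen(name);
    for (size_t i = 0; env[i] != NULL; i++)
        if (strncmp(env[i], name, len) == 0 && env[i][len] == '=')
            return env[i];
    return NULL;
}

/* Build the NULL-terminated environment to hand to execve(): SAFE_PATH plus
 * at most one validated entry per allow-listed name. Everything else the
 * caller set, including its own PATH and any name not listed, is dropped.
 * Returns NULL on allocation failure; the caller must then refuse to exec. */
char **build_clean_env(char *const caller_env[])
{
    char **clean = calloc(N_ALLOWED + 2, sizeof *clean);
    size_t out = 0;
    if (clean == NULL)
        return NULL;
    clean[out++] = SAFE_PATH;
    for (size_t i = 0; i < N_ALLOWED; i++) {
        char *e = find_entry(caller_env, ALLOWED[i]);
        if (e != NULL && value_ok(e + strlen(ALLOWED[i]) + 1))
            clean[out++] = e;
    }
    return clean; /* calloc left the terminating NULL in place */
}
```

The returned array is meant to be passed as the third argument of execve() in place of the inherited environ; its entries point into the caller's strings, so only the array itself is freed.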