Today we’re excited to announce the availability of new training and consulting services including the first Linux virtualization course of its kind to be offered. Our new training and services will pave a smooth path for our customers to gain cost savings and flexibility.Check out their Virtualization Assessment data sheet. Errr.. what Virtualization are we selling here, Xen, KVM?? Anyways check out their announcement.
RH184 Red Hat Enterprise Linux Virtualization is a new two-day training course providing the domain expertise needed to install, configure and manage virtual hosts on Red Hat Enterprise Linux 5. It’s the first course dedicated to virtualization technology in the Linux training market and will prepare customers to maximize performance, cost savings and operational efficiency enabled by Red Hat Enterprise Linux integrated virtualization capabilities. If you’re a Red Hat certified professional or experienced Linux system administrator planning a move to Red Hat Enterprise Linux Advanced Platform, this course is a perfect fit for you. Our new course joins Red Hat’s growing list of more than 30 different training courses and will be available to system administrators with a base Unix or Linux knowledge. Like all Red Hat training courses, it’s taught exclusively on live production systems. Prerequisites for the course include a Red Hat Certified Technician (RHCT) certification or equivalent knowledge.
vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus
Comments
Post a Comment