Read more...In a research note analyzing the deal, Gartner analyst Neil MacDonald says he expects VMware to integrate Determina's Memory Firewall technology into its existing products, including the ESX hypervisor, and to stop selling the Determina products as standalones. Determina's technology is unique in the HIPS market, as it is designed to protect the operating system and applications by preventing malicious code from abusing memory, which is typical of attacks such buffer overflows.
Determina, based in Redwood City, Calif., also has a development lab in Cambridge, Mass., where VMware has its East Coast headquarters. One of Determina's co-founders, Vladimir Kiriansky, whose thesis work at MIT led to the development of the Memory Firewall, previously worked at VMware.
vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus
Comments
Post a Comment