vulnerable software: VMware Workstation 6.0 for Windows, possible some other VMware products as well type of vulnerability: DoS, potential privilege escalation I found a vulnerability in VMware Workstation 6.0 which allows an unprivileged user in the host OS to crash the system and potentially run arbitrary code with kernel privileges. The issue is in the vmstor-60 driver, which is supposed to mount VMware images within the host OS. When sending the IOCTL code FsSetVoleInformation with subcode FsSetFileInformation with a large buffer and underreporting its size to at max 1024 bytes, it will underrun and potentially execute arbitrary code. Security focus
REAL-TIME MARKET ANALYSIS & RESEARCH ON CLOUD COMPUTING, FINANCIAL MARKETS, VIRTUALIZATION, GLOBAL SOURCING, EMERGING TRENDS AND BUSINESS STRATEGIES
Punished for what having a great technology and helping create a new industry?
ReplyDeletePlease
Totally agree with you. I think the market is a bit too nervous and its time to have some settling down. VMware didn't need to plunge this low, it'll climb up for sure.
ReplyDeleteThe markets are a bit too volatile, just a bit too much for my tastes!