New features:
New in Version 6.0.3
Workstation 6.0.3 adds full support for the following operating systems:
* 32-bit and 64-bit Ubuntu Linux 7.10 as host and guest operating systems
* 32-bit and 64-bit Red Hat Enterprise Linux 4.6 as host and guest operating systems
* 32-bit and 64-bit Asianux Server 3 as a guest operating system
* 32-bit and 64-bit Turbolinux 10 Server as a guest operating system
Note: The Eclipse Integrated Virtual Debugger is not yet supported on Ubuntu Linux 7.10 and Red Hat Enterprise Linux 4.6 hosts.
Workstation 6.0.3 addresses the following security issues:
* On Windows hosts, if you have configured and enabled a shared folder, it is possible for an attacker to write arbitrary content from a guest system to arbitrary locations on the host system (CORE-2007-0930). (bug 200360)
* An internal security audit determined that a malicious user could attain and exploit LocalSystem privileges by causing the authd process to connect to a named pipe that is opened and controlled by the malicious user. (Foundstone CODE-BUG-H-001) In this situation, the malicious user could successfully impersonate authd and attain privileges under which Authd is executing. (bug 193049)
* This release updates the libpng library to version 1.2.22 to remove various security vulnerabilities. (bug 224453)
* This release updates the OpenSSL library to address various vulnerabilities to denial-of-service attacks and buffer overflows. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to these issues: CVE-2006-2940, CVE-2006-2937, CVE-2006-4343. (bug 216493)
* Workstation 6.0.2 allowed anonymous console access to the guest by means of the VIX API. This release, Workstation 6.0.3, disables this feature. This means that the Eclipse Integrated Virtual Debugger and the Visual Studio Integrated Virtual Debugger will now prompt for user account credentials to access a guest. (bug 187785)
Workstation 6.0.3 is also a maintenance bug fix release to improve VMware Workstation 6.0.2. See Fixed Bugs for information about additional bug fixes.
Get it here.
New in Version 6.0.3
Workstation 6.0.3 adds full support for the following operating systems:
* 32-bit and 64-bit Ubuntu Linux 7.10 as host and guest operating systems
* 32-bit and 64-bit Red Hat Enterprise Linux 4.6 as host and guest operating systems
* 32-bit and 64-bit Asianux Server 3 as a guest operating system
* 32-bit and 64-bit Turbolinux 10 Server as a guest operating system
Note: The Eclipse Integrated Virtual Debugger is not yet supported on Ubuntu Linux 7.10 and Red Hat Enterprise Linux 4.6 hosts.
Workstation 6.0.3 addresses the following security issues:
* On Windows hosts, if you have configured and enabled a shared folder, it is possible for an attacker to write arbitrary content from a guest system to arbitrary locations on the host system (CORE-2007-0930). (bug 200360)
* An internal security audit determined that a malicious user could attain and exploit LocalSystem privileges by causing the authd process to connect to a named pipe that is opened and controlled by the malicious user. (Foundstone CODE-BUG-H-001) In this situation, the malicious user could successfully impersonate authd and attain privileges under which Authd is executing. (bug 193049)
* This release updates the libpng library to version 1.2.22 to remove various security vulnerabilities. (bug 224453)
* This release updates the OpenSSL library to address various vulnerabilities to denial-of-service attacks and buffer overflows. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following names to these issues: CVE-2006-2940, CVE-2006-2937, CVE-2006-4343. (bug 216493)
* Workstation 6.0.2 allowed anonymous console access to the guest by means of the VIX API. This release, Workstation 6.0.3, disables this feature. This means that the Eclipse Integrated Virtual Debugger and the Visual Studio Integrated Virtual Debugger will now prompt for user account credentials to access a guest. (bug 187785)
Workstation 6.0.3 is also a maintenance bug fix release to improve VMware Workstation 6.0.2. See Fixed Bugs for information about additional bug fixes.
Get it here.
Comments
Post a Comment