Dailydave mailing list archives
Congrats to Ryan Smith and Neel Mehta!
From: Dave Aitel <dave () immunityinc com>
Date: Thu, 20 Sep 2007 09:45:45 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For their VMWare DHCP bug: This release fixes several vulnerabilities in the DHCP server that could enable a specially crafted packets to gain system-level privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063) I wonder if there's any way to trigger that when you're not behind the VMWare NAT or in Host-Only mode. Also this bug from Rafal Wojtchzvk looks really cool (and quite vague - - does it work without VMWare tools installed? Going to have to say he plays with the paravirtualization stack maybe?). This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. (CVE-2007-4496) - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFG8nmHB8JNm+PA+iURAqr7AJ9EvT31TADKMJzwfAfYHLyctFvpFACeI/Id QIHXZcz/OnIk0cU1inlPTXE= =ViUZ -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Congrats to Ryan Smith and Neel Mehta! Dave Aitel (Sep 20)