Bugtraq mailing list archives

Re: VMWare poor guest isolation design


From: "Matt Richard" <matt.richard () gmail com>
Date: Fri, 24 Aug 2007 10:43:34 -0400

On 8/23/07, Arthur Corliss <corliss () digitalmages com> wrote:
> On Wed, 22 Aug 2007, M. Burnett wrote:
>
>> I have run across a design issue in VMware's scripting automation API that
>> diminishes VM guest/host isolation in such a manner to facilitate privilege
>> escalation, spreading of malware, and compromise of guest operating systems.
>
> Furthermore, this attack only works if you are running the vmware guest
> utilities *and* you are currently logged into a GUI desktop running the
> vmware userland process.
>
> In (not so) short, this attack vector is virtually worthless if reasonable
> security practices are employed.

There are other methods of compromising guests without any
requirements for APIs, GUIs, etc. -
http://www.mnin.org/write/2006_vmshell_injection.pdf.

-- 
Matt Richard

