Re: Reports on Hypervisors

[Olivier Médoc <o_medoc () yahoo fr>]

A case where shared folders have been attacked to get control of the 
host (apparently Windows/VMware Workstation):

http://www.darkreading.com/security/application-security/211201078/index.html

Another attack on the "Virtual Machine display function" 
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1244). The 
exploit only works for vmware Workstation if I remember correctly, but 
the vulnerability is also present on VMWare ESXi.

I think the CANVAS team sent a demonstration video somewhere on the web.

http://www.darkreading.com/security-services/167801101/security/application-security/217701908/hacking-tool-lets-a-vm-break-out-and-attack-its-host.html

Cases where a virtual machine host has been compromised DO exists. Now, 
you just has to hope that hypervisor provider are reactive on these kind 
of issues...

Le 29/03/2012 19:43, Main Framed a écrit :
> Hi All,
>
> I'm wondering if anyone has any stories or articles about whether or 
> not there are any known instances when a hypervisor was hacked though 
> a compromised VM or are they any known instances when a VM was 
> exploited because it was on the same host as a compromised VM (i.e. 
> moving from one VM to the next)?
>
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com