RE: Fw: VMware vulnerability in NAT networking

• From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 22 Dec 2005 12:35:12 -0800

What's GFX/EFX?  They have a special acronym just for you??? :-p

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, December 22, 2005 11:55 AM
Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

I'm a big GFX/EFX fan too. I never use the NAT networking thing and always turn off that service and virtual adapter.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

-----Original Message-----
From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]
Sent: Thursday, December 22, 2005 1:12 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

Actually, I went there, and still am, and I pray to whichever
god will bring
me back Vmware GSX.

Actually Virtual Server 2005 R2 is better, namely for HT
support. Makes it
more bearable -- but I like GSX better. Or if I can afford it, ESX :)

-----Message d'origine-----
De : Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Envoyé : 21 décembre 2005 19:59
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

When you go to Virt Server, you'll never go back...

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Wednesday, December 21, 2005 14:30
To: [ISAserver.org Discussion List]
Subject: [isalist] Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

Good thing I switched to VirtPC ;)

t

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

----- Original Message -----
From: <vmware-security-alert@xxxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, December 20, 2005 11:47 PM
Subject: VMware vulnerability in NAT networking

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> VULNERABILITY SUMMARY
> A vulnerability has been discovered in vmnat.exe on Windows
hosts and
> vmnet-natd on Linux systems.
> The vulnerability makes it possible for a malicious guest
using a NAT
> networking
> configuration to execute unwanted code on the host machine.
>
> AFFECTED SYSTEMS:
> VMware Workstation, VMware GSX Server, VMware ACE, and
VMware Player.
>
> RESOLUTION:
> VMware believes that the vulnerability is very serious, and
recommends
> that
> affected users update their products to the new releases or
change the
> configuration of
> the virtual machine so it does not use NAT networking.
>
> The new releases are now available for download at
www.vmware.com/download
>
> If you choose not to update your product but want to ensure
that the NAT
> service
> is not available, you can disable it completely on VMware
Workstation or
> VMware
> GSX Server by following the instructions in the Knowledge
Base article
> (Answer ID 2002) at
> http://www.vmware.com/support/kb.
>
> VMware thanks Tim Shelton of ACS Security Assessment Engineering,
> Affiliated
> Computer Services, Inc., for reporting this vulnerability.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
>
> iD8DBQFDpz6bLsZLrftG15MRAkZFAKDi0bKef1EY0jsRPGjHgqNgegU6FQCdFJUZ
> 8IsO2kOVTmwHSMbAGSRN1qw=
> =nmuM
> -----END PGP SIGNATURE-----
>
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gauthiera@xxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---