Sad.....but funny -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Thursday, December 22, 2005 5:32 PM To: ISA Mailing List Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking http://www.ISAserver.org I814U2. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > Sent: Thursday, December 22, 2005 3:22 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > http://www.ISAserver.org > > ou812? > > ----- > "I may disapprove of what you say, > but I will defend to the death your > right to say it." > > > ----- Original Message ----- > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Thursday, December 22, 2005 1:14 PM > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > > http://www.ISAserver.org > > Something I 8 > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > **Who is John Galt?** > > > > > -----Original Message----- > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > > Sent: Thursday, December 22, 2005 2:51 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > > > http://www.ISAserver.org > > > > An 8? > > > > ----- > > "I may disapprove of what you say, > > but I will defend to the death your > > right to say it." > > > > > > ----- Original Message ----- > > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > Sent: Thursday, December 22, 2005 12:43 PM > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > > > > > http://www.ISAserver.org > > > > You know what I mean GSX/ESX. > > > > Was mixing up my paraphores. > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org > > Blog: http://spaces.msn.com/members/drisa/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > **Who is John Galt?** > > > > > > > > > -----Original Message----- > > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > > > Sent: Thursday, December 22, 2005 2:35 PM > > > To: [ISAserver.org Discussion List] > > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > > > > > http://www.ISAserver.org > > > > > > What's GFX/EFX? They have a special acronym just for you??? :-p > > > > > > ----- > > > "I may disapprove of what you say, but I will defend to the death > > > your right to say it." > > > > > > > > > ----- Original Message ----- > > > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > > > Sent: Thursday, December 22, 2005 11:55 AM > > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking > > > > > > > > > http://www.ISAserver.org > > > > > > I'm a big GFX/EFX fan too. I never use the NAT networking thing > > > and always turn off that service and virtual adapter. > > > > > > Thomas W Shinder, M.D. > > > Site: www.isaserver.org > > > Blog: http://spaces.msn.com/members/drisa/ > > > Book: http://tinyurl.com/3xqb7 > > > MVP -- ISA Firewalls > > > **Who is John Galt?** > > > > > > > > > > > > > -----Original Message----- > > > > From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx] > > > > Sent: Thursday, December 22, 2005 1:12 PM > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT > networking > > > > > > > > http://www.ISAserver.org > > > > > > > > Actually, I went there, and still am, and I pray to whichever > > > > god will bring me back Vmware GSX. > > > > > > > > Actually Virtual Server 2005 R2 is better, namely for HT > > > > support. Makes it more bearable -- but I like GSX better. Or if > > > > I can afford > > > it, ESX :) > > > > > > > > -----Message d'origine----- > > > > De : Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Envoyé : 21 décembre > > > > 2005 19:59 À : [ISAserver.org Discussion List] Objet : [isalist] > > > > RE: Fw: VMware vulnerability in NAT networking > > > > > > > > http://www.ISAserver.org > > > > > > > > When you go to Virt Server, you'll never go back... > > > > > > > > ------------------------------------------------------- > > > > Jim Harrison > > > > MCP(NT4, W2K), A+, Network+, PCG > > > > http://isaserver.org/Jim_Harrison/ > > > > http://isatools.org > > > > Read the help / books / articles! > > > > ------------------------------------------------------- > > > > > > > > > > > > -----Original Message----- > > > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx] > > > > Sent: Wednesday, December 21, 2005 14:30 > > > > To: [ISAserver.org Discussion List] > > > > Subject: [isalist] Fw: VMware vulnerability in NAT networking > > > > > > > > http://www.ISAserver.org > > > > > > > > Good thing I switched to VirtPC ;) > > > > > > > > t > > > > > > > > ----- > > > > "I may disapprove of what you say, but I will defend to the > > > > death your right to say it." > > > > > > > > > > > > ----- Original Message ----- > > > > From: <vmware-security-alert@xxxxxxxxxx> > > > > To: <bugtraq@xxxxxxxxxxxxxxxxx> > > > > Sent: Tuesday, December 20, 2005 11:47 PM > > > > Subject: VMware vulnerability in NAT networking > > > > > > > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > > Hash: SHA1 > > > > > > > > > > VULNERABILITY SUMMARY > > > > > A vulnerability has been discovered in vmnat.exe on Windows > > > > hosts and > > > > > vmnet-natd on Linux systems. > > > > > The vulnerability makes it possible for a malicious guest > > > > using a NAT > > > > > networking > > > > > configuration to execute unwanted code on the host machine. > > > > > > > > > > AFFECTED SYSTEMS: > > > > > VMware Workstation, VMware GSX Server, VMware ACE, and > > > > VMware Player. > > > > > > > > > > RESOLUTION: > > > > > VMware believes that the vulnerability is very serious, and > > > > recommends > > > > > that > > > > > affected users update their products to the new releases or > > > > change the > > > > > configuration of > > > > > the virtual machine so it does not use NAT networking. > > > > > > > > > > The new releases are now available for download at > > > > www.vmware.com/download > > > > > > > > > > If you choose not to update your product but want to ensure > > > > that the NAT > > > > > service > > > > > is not available, you can disable it completely on VMware > > > > Workstation or > > > > > VMware > > > > > GSX Server by following the instructions in the Knowledge > > > > Base article > > > > > (Answer ID 2002) at > > > > > http://www.vmware.com/support/kb. > > > > > > > > > > VMware thanks Tim Shelton of ACS Security Assessment > > Engineering, > > > > > Affiliated > > > > > Computer Services, Inc., for reporting this vulnerability. > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > > > > > Version: GnuPG v1.4.2 (MingW32) > > > > > > > > > > > iD8DBQFDpz6bLsZLrftG15MRAkZFAKDi0bKef1EY0jsRPGjHgqNgegU6FQCdFJUZ > > > > > 8IsO2kOVTmwHSMbAGSRN1qw= > > > > > =nmuM > > > > > -----END PGP SIGNATURE----- > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Visit TechGenix.com for more information about our other sites: > > > > http://www.techgenix.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org > > > Discussion List as: > > > > jim@xxxxxxxxxxxx > > > > To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > All mail to and from this domain is GFI-scanned. > > > > > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Visit TechGenix.com for more information about our other sites: > > > > http://www.techgenix.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org > > > Discussion List as: > > > > gauthiera@xxxxxxxxxxxxxxxxx > > > > To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > ------------------------------------------------------ > > > > List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > > ------------------------------------------------------ > > > > Visit TechGenix.com for more information about our other sites: > > > > http://www.techgenix.com > > > > ------------------------------------------------------ > > > > You are currently subscribed to this ISAserver.org Discussion > > > > List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion List > > > as: > > > thor@xxxxxxxxxxxxxxx > > > To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > > > ------------------------------------------------------ > > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > > ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > > ------------------------------------------------------ > > > Visit TechGenix.com for more information about our other sites: > > > http://www.techgenix.com > > > ------------------------------------------------------ > > > You are currently subscribed to this ISAserver.org Discussion List > > > as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List > > as: > > thor@xxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List > > as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > thor@xxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx