RE: Fw: VMware vulnerability in NAT networking

• From: "Steve Moffat" <steve@xxxxxxxxxx>
• To: "ISA Mailing List" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 22 Dec 2005 17:37:26 -0400

Sad.....but funny



-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Thursday, December 22, 2005 5:32 PM
To: ISA Mailing List
Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

I814U2.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Thursday, December 22, 2005 3:22 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> 
> http://www.ISAserver.org
> 
> ou812?
> 
> -----
> "I may disapprove of what you say,
> but I will defend to the death your
> right to say it."
> 
> 
> ----- Original Message -----
> From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, December 22, 2005 1:14 PM
> Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> 
> 
> http://www.ISAserver.org
> 
> Something I 8
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
> 
> 
> 
> > -----Original Message-----
> > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > Sent: Thursday, December 22, 2005 2:51 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> >
> > http://www.ISAserver.org
> >
> > An 8?
> >
> > -----
> > "I may disapprove of what you say,
> > but I will defend to the death your
> > right to say it."
> >
> >
> > ----- Original Message -----
> > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Thursday, December 22, 2005 12:43 PM
> > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> >
> >
> > http://www.ISAserver.org
> >
> > You know what I mean GSX/ESX.
> >
> > Was mixing up my paraphores.
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > **Who is John Galt?**
> >
> >
> >
> > > -----Original Message-----
> > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > Sent: Thursday, December 22, 2005 2:35 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> > >
> > > http://www.ISAserver.org
> > >
> > > What's GFX/EFX?  They have a special acronym just for you??? :-p
> > >
> > > -----
> > > "I may disapprove of what you say, but I will defend to the death 
> > > your right to say it."
> > >
> > >
> > > ----- Original Message -----
> > > From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Thursday, December 22, 2005 11:55 AM
> > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > > I'm a big GFX/EFX fan too. I never use the NAT networking thing 
> > > and always turn off that service and virtual adapter.
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > > **Who is John Galt?**
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Alexandre Gauthier [mailto:gauthiera@xxxxxxxxxxxxxxxxx]
> > > > Sent: Thursday, December 22, 2005 1:12 PM
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: Fw: VMware vulnerability in NAT
> networking
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Actually, I went there, and still am, and I pray to whichever 
> > > > god will bring me back Vmware GSX.
> > > >
> > > > Actually Virtual Server 2005 R2 is better, namely for HT 
> > > > support. Makes it more bearable -- but I like GSX better. Or if 
> > > > I can afford
> > > it, ESX :)
> > > >
> > > > -----Message d'origine-----
> > > > De : Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Envoyé : 21 décembre 
> > > > 2005 19:59 À : [ISAserver.org Discussion List] Objet : [isalist] 
> > > > RE: Fw: VMware vulnerability in NAT networking
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > When you go to Virt Server, you'll never go back...
> > > >
> > > > -------------------------------------------------------
> > > >    Jim Harrison
> > > >    MCP(NT4, W2K), A+, Network+, PCG
> > > >    http://isaserver.org/Jim_Harrison/
> > > >    http://isatools.org
> > > >    Read the help / books / articles!
> > > > -------------------------------------------------------
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> > > > Sent: Wednesday, December 21, 2005 14:30
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] Fw: VMware vulnerability in NAT networking
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > > Good thing I switched to VirtPC ;)
> > > >
> > > > t
> > > >
> > > > -----
> > > > "I may disapprove of what you say, but I will defend to the 
> > > > death your right to say it."
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: <vmware-security-alert@xxxxxxxxxx>
> > > > To: <bugtraq@xxxxxxxxxxxxxxxxx>
> > > > Sent: Tuesday, December 20, 2005 11:47 PM
> > > > Subject: VMware vulnerability in NAT networking
> > > >
> > > >
> > > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > > Hash: SHA1
> > > > >
> > > > > VULNERABILITY SUMMARY
> > > > > A vulnerability has been discovered in vmnat.exe on Windows
> > > > hosts and
> > > > > vmnet-natd on Linux systems.
> > > > > The vulnerability makes it possible for a malicious guest
> > > > using a NAT
> > > > > networking
> > > > > configuration to execute unwanted code on the host machine.
> > > > >
> > > > > AFFECTED SYSTEMS:
> > > > > VMware Workstation, VMware GSX Server, VMware ACE, and
> > > > VMware Player.
> > > > >
> > > > > RESOLUTION:
> > > > > VMware believes that the vulnerability is very serious, and
> > > > recommends
> > > > > that
> > > > > affected users update their products to the new releases or
> > > > change the
> > > > > configuration of
> > > > > the virtual machine so it does not use NAT networking.
> > > > >
> > > > > The new releases are now available for download at
> > > > www.vmware.com/download
> > > > >
> > > > > If you choose not to update your product but want to ensure
> > > > that the NAT
> > > > > service
> > > > > is not available, you can disable it completely on VMware
> > > > Workstation or
> > > > > VMware
> > > > > GSX Server by following the instructions in the Knowledge
> > > > Base article
> > > > > (Answer ID 2002) at
> > > > > http://www.vmware.com/support/kb.
> > > > >
> > > > > VMware thanks Tim Shelton of ACS Security Assessment
> > Engineering,
> > > > > Affiliated
> > > > > Computer Services, Inc., for reporting this vulnerability.
> > > > >
> > > > > -----BEGIN PGP SIGNATURE-----
> > > > > Version: GnuPG v1.4.2 (MingW32)
> > > > >
> > > > > 
> iD8DBQFDpz6bLsZLrftG15MRAkZFAKDi0bKef1EY0jsRPGjHgqNgegU6FQCdFJUZ
> > > > > 8IsO2kOVTmwHSMbAGSRN1qw=
> > > > > =nmuM
> > > > > -----END PGP SIGNATURE-----
> > > > >
> > > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org
> > > Discussion List as:
> > > > jim@xxxxxxxxxxxx
> > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > > All mail to and from this domain is GFI-scanned.
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org
> > > Discussion List as:
> > > > gauthiera@xxxxxxxxxxxxxxxxx
> > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > > ------------------------------------------------------
> > > > List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion 
> > > > List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> > > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >
> > > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List 
> > > as:
> > > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: 
> http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: 
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List 
> > > as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> > > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >
> > >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List 
> > as:
> > thor@xxxxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List 
> > as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as: 
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
isalist@xxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---