RE: Fw: VMware vulnerability in NAT networking

• From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 21 Dec 2005 16:55:44 -0800

It's all in your head... 


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, December 21, 2005 16:49
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

But if it is virtual, does it actually exist?

John T
eServices For You


> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
> Sent: Wednesday, December 21, 2005 2:29 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Fw: VMware vulnerability in NAT networking
> 
> http://www.ISAserver.org
> 
> Good thing I switched to VirtPC ;)
> 
> t
> 
> -----
> "I may disapprove of what you say,
> but I will defend to the death your
> right to say it."
> 
> 
> ----- Original Message -----
> From: <vmware-security-alert@xxxxxxxxxx>
> To: <bugtraq@xxxxxxxxxxxxxxxxx>
> Sent: Tuesday, December 20, 2005 11:47 PM
> Subject: VMware vulnerability in NAT networking
> 
> 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > VULNERABILITY SUMMARY
> > A vulnerability has been discovered in vmnat.exe on Windows hosts 
> > and vmnet-natd on Linux systems.
> > The vulnerability makes it possible for a malicious guest using a 
> > NAT networking configuration to execute unwanted code on the host 
> > machine.
> >
> > AFFECTED SYSTEMS:
> > VMware Workstation, VMware GSX Server, VMware ACE, and VMware Player.
> >
> > RESOLUTION:
> > VMware believes that the vulnerability is very serious, and 
> > recommends that affected users update their products to the new 
> > releases or change the configuration of the virtual machine so it 
> > does not use NAT networking.
> >
> > The new releases are now available for download at
www.vmware.com/download
> >
> > If you choose not to update your product but want to ensure that the 
> > NAT service is not available, you can disable it completely on 
> > VMware Workstation or VMware GSX Server by following the 
> > instructions in the Knowledge Base article (Answer ID 2002) at 
> > http://www.vmware.com/support/kb.
> >
> > VMware thanks Tim Shelton of ACS Security Assessment Engineering, 
> > Affiliated Computer Services, Inc., for reporting this 
> > vulnerability.
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.2 (MingW32)
> >
> > iD8DBQFDpz6bLsZLrftG15MRAkZFAKDi0bKef1EY0jsRPGjHgqNgegU6FQCdFJUZ
> > 8IsO2kOVTmwHSMbAGSRN1qw=
> > =nmuM
> > -----END PGP SIGNATURE-----
> >
> >
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

• » Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking
• » RE: Fw: VMware vulnerability in NAT networking

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---