RE: Fw: VMware vulnerability in NAT networking

From: "Thor \(Hammer of God\)" <thor@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Wed, 21 Dec 2005 17:47:18 -0800

Norman, please coordinate!

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."

----- Original Message ----- From: "Jim Harrison" <Jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Wednesday, December 21, 2005 4:55 PM Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking


http://www.ISAserver.org

It's all in your head...


-------------------------------------------------------
  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
-------------------------------------------------------


-----Original Message-----
From: John T (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, December 21, 2005 16:49
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

But if it is virtual, does it actually exist?

John T
eServices For You

-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@xxxxxxxxxxxxxxx]
Sent: Wednesday, December 21, 2005 2:29 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Fw: VMware vulnerability in NAT networking

http://www.ISAserver.org

Good thing I switched to VirtPC ;)

-----
"I may disapprove of what you say,
but I will defend to the death your
right to say it."


----- Original Message -----
From: <vmware-security-alert@xxxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, December 20, 2005 11:47 PM
Subject: VMware vulnerability in NAT networking


> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> VULNERABILITY SUMMARY
> A vulnerability has been discovered in vmnat.exe on Windows hosts
> and vmnet-natd on Linux systems.
> The vulnerability makes it possible for a malicious guest using a
> NAT networking configuration to execute unwanted code on the host
> machine.
>
> AFFECTED SYSTEMS:
> VMware Workstation, VMware GSX Server, VMware ACE, and VMware Player.
>
> RESOLUTION:
> VMware believes that the vulnerability is very serious, and
> recommends that affected users update their products to the new
> releases or change the configuration of the virtual machine so it
> does not use NAT networking.
>
> The new releases are now available for download at

www.vmware.com/download

>
> If you choose not to update your product but want to ensure that the
> NAT service is not available, you can disable it completely on
> VMware Workstation or VMware GSX Server by following the
> instructions in the Knowledge Base article (Answer ID 2002) at
> http://www.vmware.com/support/kb.
>
> VMware thanks Tim Shelton of ACS Security Assessment Engineering,
> Affiliated Computer Services, Inc., for reporting this
> vulnerability.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
>
> iD8DBQFDpz6bLsZLrftG15MRAkZFAKDi0bKef1EY0jsRPGjHgqNgegU6FQCdFJUZ
> 8IsO2kOVTmwHSMbAGSRN1qw=
> =nmuM
> -----END PGP SIGNATURE-----
>
>


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
johnlist@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: thor@xxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx

RE: Fw: VMware vulnerability in NAT networking

Other related posts: