[isalist] Re: Microsoft Security Bulletin MS07-049 - Important: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Tue, 14 Aug 2007 14:06:55 -0700
http://www.ISAserver.org
-------------------------------------------------------
Indeed. And though you don't have the same "host OS" issues with ESX as
you do with Virt PC, etc, when you consider ESX's ability to intercept
IP calls from one guest to another and re-route them directly to the
guest without traversing the IP stack, one can't help but wonder what
sort of injection issues are possible - i.e., fuzzing the guest stack to
make the host puke...
t
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison
> Sent: Tuesday, August 14, 2007 1:53 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 -
> Important: Vulnerability in Virtual PC and Virtual Server Could Allow
> Elevation of Privilege (937986)
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Never say never.
> Code may be made "more secure", but there's always someone out there
> capable of finding "the one".'
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Moffat
> Sent: Tuesday, August 14, 2007 12:53 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 -
> Important:
> Vulnerability in Virtual PC and Virtual Server Could Allow Elevation
of
> Privilege (937986)
>
> Never....:)
>
>
>
>
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of Amy Babinchak
> Sent: Tuesday, August 14, 2007 4:34 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 -
> Important:
> Vulnerability in Virtual PC and Virtual Server Could Allow Elevation
of
> Privilege (937986)
>
>
>
> yet
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Moffat
> Sent: Tuesday, August 14, 2007 2:45 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 -
> Important:
> Vulnerability in Virtual PC and Virtual Server Could Allow Elevation
of
> Privilege (937986)
>
>
>
> ESX rules BTW..........no issues there...J
>
>
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-
> bounce@xxxxxxxxxxxxx]
> On Behalf Of Thomas W Shinder
> Sent: Tuesday, August 14, 2007 3:15 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Microsoft Security Bulletin MS07-049 -
> Important:
> Vulnerability in Virtual PC and Virtual Server Could Allow Elevation
of
> Privilege (937986)
>
>
>
> This is "why" :)
>
>
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org <http://www.isaserver.org/>
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- Microsoft Firewalls (ISA)
>
>
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder
> Sent: Tuesday, August 14, 2007 1:04 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Microsoft Security Bulletin MS07-049 -
> Important: Vulnerability in Virtual PC and Virtual Server Could Allow
> Elevation of Privilege (937986)
>
> This is way we don't put Firewalls in VMs:
>
> Microsoft Security Bulletin MS07-049 - Important: Vulnerability
> in Virtual PC and Virtual Server Could Allow Elevation of Privilege
> (937986):
> http://www.microsoft.com/technet/security/Bulletin/ms07-049.mspx
>
>
> All mail to and from this domain is GFI-scanned.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
