Bugtraq: Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

From: Steve Shockley <steve.shockley () shockley net>
Date: Wed, 03 Dec 2008 13:42:11 -0500

On 12/3/2008 12:24 AM, VMware Security team wrote:

     A memory corruption condition may occur in the virtual machine
     hardware. A malicious request sent from the guest operating
     system to the virtual hardware may cause the virtual hardware to
     write to uncontrolled physical memory.

So, does this vuln potentially allow a guest -> host escalation?"Memory corruption" is kind of vague.

By Date By Thread

Current thread:

VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 VMware Security team (Dec 03)
- Re: VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2 Steve Shockley (Dec 03)