| |

Wednesday, June 10, 2009

Vmware exploit

Immunity, a penetration-testing company has disclosed a flaw in VMware - "a virtualization software for Windows, Linux and Mac OS X that runs different virtual Operating System (OS)" that enables one to hack and gain control of the hosts Operating System.

They use their penetration-testing tool Canvas 6.47 specifically the cloudburst module for the test attack. The vulnerablity they say is in the virtual-machine display of VMware that can be exploited by a maliciouse video file that when executed, grants access to an intruder to take oveer the hosts OS.

This vulnerability however is not found on all versions of VMware. The bug is only found on VMware Workstations 6.5.1 and earlier but affects all host including Linux OS. 

This is also not the first flaw found on VMware, as previous bug were also reported in 2007. A memory corruption vulnerability (CVE-2007-4496) and a bug in the shared folders implementation (CVE-2007-1744). All the vulnerabilities however is already patched including the latest flaw. An updated VMware system is no longer vulnerable but it is still critical in the sense that not all keeps their system updated.