Browsing Category: Virtualization

VMware Patches Flaws in ESX, vCenter

VMware has released a slew of patches that fix vulnerabilities in a number of its products, including vCenter Server, vCenter Server Appliance, vSphere Update Manager, ESX and ESXi. Some of the flaws can lead to authentication bypass or denial of service on affected products. The most serious vulnerability is a bug in vCenter Server 5.0 and[…]

Read more...

VMware Fixes Privilege Escalation Vulnerability

Categories: Virtualization

Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface (VMCI) vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched.According to the VMware security advisory, a local attacker could potentially exploit a control code handling vulnerability in vmci.sys in order to tamper with memory allocation in the VMCI code and eventually obtain elevated privileges on Windows-based hosts and guest operating systems.

Read more...

More VMware ESX Source Code Posted Online

Categories: Hacks, Virtualization

For the third time this year, VMware ESX source code has been posted online. A hacker known as Stun claiming to be affiliated with Anonymous tweeted a link to a torrent site hosting the stolen VMkernel source code. VMware director of platform security Iain Mulholland acknowledged the breach on Sunday and confirmed the source code, dating from 1998-2004, is related to code posted in April and May.

Read more...