-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Description
The following products have a vulnerability that can allow a
user of the host system to start an arbitrary program with
root privileges:
VMware GSX Server 2.5.1 (for Linux systems) build 4968 and
earlier releases VMware Workstation 4.0 (for Linux systems)
and earlier releases
Details/Impact
By manipulating the VMware GSX Server and VMware Workstation
environment variables, a program such as a shell session with
root privileges could be started when a virtual machine is
launched. The user would then have full access to the host.
VMware strongly urges customers running GSX Server and
Workstation (for Linux systems) to upgrade as soon
as possible.
Customers running any version of VMware GSX Server or
Workstation (for Windows operating systems) are not subject to
this vulnerability.
Solution
To correct the vulnerability in VMware Workstation 4.0, VMware
has released the following:
To correct the vulnerability in GSX Server 2.5.1, VMware will
release the following:
Details
GSX Server 2.5.1 patch 1 (for Linux systems)
VMware GSX Server customers with support services are entitled
to download and install this patched version. VMware strongly
urges customers running GSX Server (for Linux
systems) to upgrade as soon as possible.
VMware GSX Server customers with support services are entitled
to download and install this patched version from
http://www.vmware.com/vmwarestore/newstore/download.jsp?ProductCode=GSX-LX-ESD
This will be available soon.
Upgrade instructions are at:
http://www.vmware.com/support/gsx25/doc/upgrade_gsx.html
VMware Workstation 4.0.1
VMware Workstation customers, if covered under the VMware Workstation Product
Upgrade Policy as described at:
http://www.vmware.com/vmwarestore/pricing.html
are entitled to download and install this updated version from
http://www.vmware.com/vmwarestore/newstore/download.jsp?ProductCode=WKST4-LX-ESD
This is available today.
Upgrade instructions are at
http://www.vmware.com/support/ws4/doc/ws40_upgrade.html
Notes
to this vulnerability.
His Web page is at:
http://www.maths.usyd.edu.au:8000/u/psz/
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1039
This document is clear signed with PGP.
VMware has the PGP public key available at
http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1055
Some mail programs cause changes to mail messages and content,
which may result in an indication that the PGP signature for
this message is not valid. This may also occur if this
message is forwarded through another email distribution list
that changes the "From" field. Please try to save the message
into a file and then running PGP on it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
iD8DBQE/HwWTLsZLrftG15MRAhXiAJ9vFcGCqKmTG+vzqXrHoiXbuTFNnACgwBwp
K3nnGqL48DDolgn8TFY6zSY=
=Dblu
-----END PGP SIGNATURE-----