
SANS ISC: VMWare Patches Released - SANS Internet Storm Center SANS ISC InfoSec Forums

VMWare Patches Released

Patches were released yesterday to fix a DoS vulnerability and potential arbitrary code execution.  Here are the two vulnerabilities:

1.  VMWare Descheduled Time Accounting driver:

The issue affects the VMware Descheduled Time Accounting driver and can cause a denial of service in Windows-based virtual machines on the vulnerable versions. This driver is an optional (non-default) part of the VMware Tools installation. However, virtual machines that are migrated from vulnerable releases remain vulnerable if their tools are not upgraded and the following three conditions exist:

- The virtual machine is running a Windows operating system.

- The VMware Descheduled Time Accounting driver is installed in the virtual machine.

- The VMware Descheduled Time Accounting Service is not running in the virtual machine.

2.  libpng package for the ESX 2.5.5 Service Console

The libpng package is used for creating and manipulating PNG (Portable Network Graphics) image format files. A crafted PNG file loaded by an application linked against libpng could cause the application to crash or allow arbitrary code execution with the privileges of the user running the application.

Another flaw involves PNG images that contain "unknown" chunks. If an application linked against libpng attempted to process a malformed, unknown chunk in a malicious PNG image, it could cause the application to crash.
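To show what an "unknown" chunk is at the file-format level, the following Python is an added example (not code from this diary, VMware, or libpng, and it does not detect the specific libpng flaws). It walks a PNG's chunk list and flags chunk types outside the PNG specification's standard set, declared lengths that overrun the file, and CRC mismatches; the `prVt` chunk type and both sample files are constructed for the example.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Chunk types defined by the PNG specification; any other type is "unknown" to a decoder.
KNOWN = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tRNS", b"cHRM", b"gAMA", b"iCCP",
         b"sBIT", b"sRGB", b"tEXt", b"zTXt", b"iTXt", b"bKGD", b"hIST", b"pHYs",
         b"sPLT", b"tIME"}

def make_chunk(ctype, data):
    """Build a well-formed chunk: length, type, data, CRC over type+data."""
    crc = zlib.crc32(ctype + data)
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def audit_png(blob):
    """Return (chunk_type, issue) findings; an empty list means nothing was flagged."""
    if not blob.startswith(PNG_SIG):
        return [("", "missing PNG signature")]
    findings, pos = [], len(PNG_SIG)
    while pos < len(blob):
        if pos + 8 > len(blob):
            findings.append(("", "truncated chunk header"))
            break
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        name = ctype.decode("latin-1")
        if ctype not in KNOWN:
            findings.append((name, "unknown chunk type"))
        end = pos + 8 + length + 4          # header + data + CRC
        if end > len(blob):                 # never trust the declared length
            findings.append((name, "declared length exceeds file"))
            break
        data = blob[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", blob[end - 4:end])
        if crc != zlib.crc32(ctype + data):
            findings.append((name, "CRC mismatch"))
        if ctype == b"IEND":
            break
        pos = end
    return findings

# Constructed samples: a 1x1 greyscale PNG carrying a made-up private chunk "prVt".
IHDR = make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
IDAT = make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
IEND = make_chunk(b"IEND", b"")
SAMPLE_UNKNOWN = PNG_SIG + IHDR + make_chunk(b"prVt", b"constructed") + IDAT + IEND
# Same chunk type, but the length field claims far more data than the file holds.
SAMPLE_MALFORMED = PNG_SIG + IHDR + struct.pack(">I", 0xFFFFFF) + b"prVt" + b"x" + IDAT + IEND

if __name__ == "__main__":
    for label, sample in (("unknown", SAMPLE_UNKNOWN), ("malformed", SAMPLE_MALFORMED)):
        print(label, audit_png(sample))
```

A clean result here only means the chunk layout is well-formed; upgrading libpng remains the fix for the flaws described above.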




ISC Handler
May 29th 2009
