SecurityFocus

VMWare poor guest isolation design Aug 23 2007 03:22AM
M. Burnett (mb xato net) (2 replies)

Re: VMWare poor guest isolation design Aug 24 2007 09:07PM
Tim Newsham (newsham lava net)

> VMware's scripting API allows a malicious script on the host machine to
> execute programs, open URLs, and perform other privileged operations on any
> guest operating system open at the console, without requiring any
> credentials on the guest operating system. Furthermore, the script can
> execute programs even if you lock the desktop of the guest OS.

As opposed to pausing the VM, editing the virtual memory image and
unpausing the VM? No scripting interface is needed. How about editing
the virtual disk image and replacing one of the cron scripts with a
shell-on-a-port? Rebooting the VM and going single user? If you control
the VMware process, you control the guest. Fully and Completely.

> Mark Burnett
> http://xato.net

Tim Newsham
http://www.thenewsh.com/~newsham/

[ reply ]

Re: VMWare poor guest isolation design Aug 23 2007 04:49PM
Arthur Corliss (corliss digitalmages com) (6 replies)

RE: VMWare poor guest isolation design Aug 24 2007 06:42PM
Ken Kousky (kkousky ip3inc com)

Re: VMWare poor guest isolation design Aug 24 2007 02:43PM
Matt Richard (matt richard gmail com)

Re: VMWare poor guest isolation design Aug 24 2007 01:06AM
Jonathan Yu (jonathan i yu gmail com) (1 replies)

Re: VMWare poor guest isolation design Aug 24 2007 08:13AM
Arthur Corliss (corliss digitalmages com) (2 replies)

More on VMWare poor guest isolation design Aug 25 2007 01:29AM
M. Burnett (mb xato net) (2 replies)

Re: More on VMWare poor guest isolation design Aug 27 2007 02:37PM
wietse porcupine org (Wietse Venema)

Re: More on VMWare poor guest isolation design Aug 25 2007 07:05PM
Tim Newsham (newsham lava net) (1 replies)

RE: More on VMWare poor guest isolation design Aug 27 2007 05:51PM
M. Burnett (mb xato net) (2 replies)

RE: More on VMWare poor guest isolation design Aug 28 2007 06:49AM
Arthur Corliss (corliss digitalmages com)

RE: More on VMWare poor guest isolation design Aug 27 2007 11:36PM
Tim Newsham (newsham lava net)

Re: VMWare poor guest isolation design Aug 24 2007 01:51PM
Jonathan Yu (jonathan i yu gmail com)

RE: VMWare poor guest isolation design Aug 23 2007 10:40PM
James C. Slora Jr. (james slora phra com)

RE: VMWare poor guest isolation design Aug 23 2007 08:46PM
William Holmberg (wholmberg amdpi com) (1 replies)

RE: VMWare poor guest isolation design Aug 24 2007 07:16AM
Arthur Corliss (corliss digitalmages com)

RE: VMWare poor guest isolation design Aug 23 2007 08:30PM
M. Burnett (mb xato net) (1 replies)

RE: VMWare poor guest isolation design Aug 24 2007 07:50AM
Arthur Corliss (corliss digitalmages com)