VMWare Security Crumbling: Not Really

Posted on February 26, 2008. Filed under: Auditing, General | Tags: , , , |

This week CoreLabs came out with notification of a vulnerability found with in VMWare’s software. This vulnerability allows an attacker to break out of the Guest Operating System. This vulnerability was found in VMware’s shared folders mechanism. It grants users of a Guest system read and write access to any portion of the Host’s file system including the system folder and other security-sensitive files. The exploitation of this vulnerability allows attackers to break out of a Guest system to compromise the underlying Host system that controls it. To understand what is bad about this you have to see that the Guest system has been considered an isolated system.

Many security experts have utilized a virtual environment for testing malware, security exploits and vulnerabilities for years. I to am one of these. The one issue that I see that is creating a problem in these environments that has never really been an issue revolves around shared folders.

For a system to be isolated you would not have shared folders turned on in the first place. I know that this is the default. But that is what you would look for if you wanted to truly set up an isolated OS. If I have needed to transfer information from my host system to my guest systems in the past I have utilized USB Keys or burned CD’s.

Now because of this multiple people are discussing not utilizing VMWare or this is another reason to use VirtualPC, Xen, Virtuosso, etc. I see this more as an area that most people should have addressed through good practices in the first place. Granted VMWare needs to come out with a patch pronto!

So on a side note here is what you do in the interim to fix this problem. First we need to disable the Shared Folders feature for all virtual machines.

With in VMWare Workstation this can be done by clicking on “Edit virtual machine settings”

Edit Virtual Machine Settings

Then click on the options tab:

Options Tab

 

Now click on shared folders under Settings

Shared Folders

 

Finally, check on No Shared Folders

No Shared Folders Checkbox

 

The vendor has published a security alert with a step-by-step description of how to disable Shared Folders on affected products.

 

Vulnerable packages

All versions of VMware’s desktop products that include the Shared Folders feature up to:

VMWare Workstation 6.0.2

VMWare Workstation 5.5.4

VMWare Player 2.0.2

VMWare Player 1.0.4

VMWare ACE 2.0.2

VMWare ACE 1.0.2

Non-vulnerable packages

VMWare ESX

VMWare Server

 

More on this can be seen at:

http://www.coresecurity.com/?action=item&id=2129

Make a Comment

Make a Comment: ( 2 so far )

blockquote and a tags work here.

2 Responses to “VMWare Security Crumbling: Not Really”

RSS Feed for secauditor speaks: hmmmm…Security – Imagine That Comments RSS Feed

Hi All,

I don’t usually let these articles through. Scott Cole writes and interesting article talking about the same topic though.

Take a look.
-secauditor

secauditor
February 27, 2008

Reply

Where's The Comment Form?

    About

    “The soft and the pliable will defeat the hard and strong.” Lao Tzu

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS
    • Subscribe in Rojo

    Meta

Liked it here?
Why not try sites on the blogroll...