SOC News: Article

One Article Review

Accueil - L'article:

Source	SecurityWeek
Identifiant	519934
Date de publication	2018-03-16 17:23:00 (vue: 2018-03-16 17:23:00)
Titre	VMware Patches DoS Vulnerability in Workstation, Fusion (Recyclage)
Texte	VMware informed customers on Thursday that it has patched a denial-of-service (DoS) vulnerability in its Workstation and Fusion products. Details of the flaw and proof-of-concept code have been made public. In its advisory, VMware said the vulnerability affects Workstation 12.x and 14.x on all platforms, and Fusion 8.x and 10.x on OS X. Patches are included in Workstation 14.1.1 and Fusion 10.1.1. A workaround that involves setting a password for the VNC connection can be applied to Workstation 12.x and Fusion 8.x releases. The flaw, tracked as CVE-2018-6957, was discovered by Lilith Wyatt of Cisco Talos. VMware says it can be exploited to cause a DoS condition by opening a large number of VNC sessions. VNC, which is used in VMware products for remote management and automation purposes, must be manually enabled for the exploit to work. While VMware has classified the vulnerability as “important,” Cisco Talos has assigned it a CVSS score of 7.5, which puts it in the “high severity” category. In its own advisory, Cisco said an attacker can trigger an exception on a targeted server and cause the virtual machine to shut down by initiating numerous VNC sessions. “Since the VMware VNC server is naturally multi-threaded, there are locks and semaphores and mutexes to deal with shared variables. The VNC server also maintains a global variable that indicates the amount of locks that are currently used, that is incremented by certain events,” Talos explained. The code uses a variable to count the locks and ensure that their number is not too high. Wyatt discovered that each TCP connection to the VNC increments this variable twice, and initiating a large number of connections will eventually lead to a DoS condition and a shutdown of the VM. Cisco's advisory includes a one-line PoC exploit. VMware sponsored the recent Pwn2Own 2018 hacking competition and offered up to $70,000 for VMware Workstation exploits. However, none of the contestants targeted the company's products. At last year's event, white hat hackers did disclose exploits that included VMware virtual machine escapes. Related: VMware Addresses Meltdown, Spectre Flaws in Virtual Appliances Related: Serious Flaws Affect Dell EMC, VMware Data Protection Products
Envoyé	Oui
Condensat	dos fusion patches vmware vulnerability workstation
Tags	Guideline
Stories
Notes
Move

Les reprises de l'article (1):

Source	Kaspersky Threatpost
Identifiant	254774
Date de publication	2016-11-15 15:54:16 (vue: 2016-11-15 15:54:16)
Titre	VMware Patches VM Escape Vulnerability
Texte	VMware patched a vulnerability in Workstation and Fusion that could allow an attacker to run code on a host machine.
Envoyé	Oui
Condensat	allow attacker code could escape fusion host machine patched patches run vmware vulnerability workstation
Tags
Stories
Notes
Move

L'article ressemble à 3 autre(s) article(s):

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2018-05-22 11:04:02	(Déjà vu) VMware Patches Fusion, Workstation Vulnerabilities (lien direct)	VMware informed customers on Monday that updates for its Fusion and Workstation products patch important denial-of-service (DoS) and privilege escalation vulnerabilities.
	2018-10-17 05:04:05	(Déjà vu) VMware Patches Code Execution Flaw in Virtual Graphics Card (lien direct)	VMware has patched a critical arbitrary code execution vulnerability in the SVGA virtual graphics card used by its Workstation, ESXi and Fusion products.	Vulnerability
	2018-11-23 13:55:05	(Déjà vu) VMware Patches Workstation Flaw Disclosed at Hacking Contest (lien direct)	VMware Fixes Vulnerability That Earned Researcher $100,000 at Hacking Contest VMware has patched a critical Workstation and Fusion vulnerability disclosed recently by a researcher at a hacking competition in China.	Vulnerability