본문 바로가기

벌새::Security

VMware 제품군 다중 보안 취약점 패치 (VMSA-2009-0005)

가상 OS 환경을 제공하는 제품 중 가장 성능면에서 우수하다고 평가받는 제품인 VMware 제품군에서 다중 보안 취약점에 대해 보안 패치가 발표되었습니다.

보안 분석을 위해 VMware를 이용하시는 분들이나 기타 가상 OS를 이용하시는 분들은 자신이 사용하는 가상 OS 제품에 대한 보안 취약점도 항상 체크하는 습관을 가지시기 바랍니다.

가상 공간이라고 안전하지가 못하다는 사실도 반드시 유념해 두어야겠습니다.

[영향을 받는 프로그램]

VMware Workstation 6.5.1 and earlier
VMware Player 2.5.1 and earlier
VMware ACE 2.5.1 and earlier
VMware Server 2.0
VMware Server 1.0.8 and earlier
VMware ESXi 3.5 without patches ESXe350-200811401-O-SG, ESXe350-200903201-O-UG
VMware ESX 3.5 without patches ESX350-200811401-SG, ESX350-200903201-UG
VMware ESX 3.0.3 without patch ESX303-200811401-BG
VMware ESX 3.0.2 without patch ESX-1006980

[보안 취약점 요약]

1. Denial of service guest to host vulnerability in a virtual device

A vulnerability in a guest virtual device driver, could allow a guest operating system to crash the host and consequently any virtual machines on that host.

2. Windows-based host denial of service vulnerability in hcmon.sys

A vulnerability in an ioctl in hcmon.sys could be used to create a denial of service on a Windows-based host. This issue can only be exploited by a privileged Windows account.

3. A VMCI privilege escalation on Windows-based hosts or Windows-based guests.

The Virtual Machine Communication Interface (VMCI) is an infrastructure that provides fast and efficient communication between a virtual machine and the host operating system and between two or more virtual machines on the same host.
A vulnerability in vmci.sys could allow privilege escalation on Windows-based machines. This could occur on Windows-based hosts or inside Windows-based guest operating systems.

4. VNnc Codec Heap Overflow vulnerabilities

The VNnc Codec assists in Record and Replay sessions. Record and Replay record the dynamic virtual machine state over a period of time.
Two heap overflow vulnerabilities could allow a remote attacker to execute arbitrary code on VMware hosted products. For an attack to be successful the user must be tricked into visiting a malicious web page or opening a malicious video file.

5. ACE shared folders vulnerability

The VMware Host Guest File System (HGFS) shared folders feature allows users to transfer data between a guest operating system and the non-virtualized host operating system that contains it.
A vulnerability in ACE shared folders could allow a previously disabled and not removed shared folder in the guest to be enabled by a non ACE Administrator.

6. A remote denial of service vulnerability in authd for Windows based hosts.

A vulnerability in vmware-authd.exe could cause a denial of service condition on Windows hosts.

7. VI Client Retains VirtualCenter Server Password in Memory

After logging in to VirtualCenter Server with VI Client, the password for VirtualCenter Server might be present in the memory of the VI Client.

해당 취약점에 대한 문제 해결 방법은 최근 발표된 제품 업데이트를 이용하시기 바랍니다.

자세한 내용은 VMware Security Advisories (VMSAs) : VMSA-2009-0005를 참고하시기 바랍니다.