NAT Exposes VMware Security Flaw

December 15, 2005: US-based systems integrator Affiliated Computer Services (ACS) has exposed a security hole in various VMware products that could let attackers run potentially dangerous code on systems that use NAT (Network Address Translation) networking.

Tim Shelton of ACS announced that he had discovered the hole in the following Linux- and Windows-based VMware products:
VMware Workstation 5.0.0 build-13124
VMware Workstation 4.5.2
VMware Workstation 4.0.2
VMware Workstation 4.0.1
VMware Workstation 4.0
VMware Workstation 3.4
VMware Workstation 3.2.1 patch 1
VMware Player
VMware GSX Server 3.1
VMware GSX Server 3.0 build 7592
VMware GSX Server 3.0
VMware GSX Server 2.5.2
VMware GSX Server 2.5.1 build 5336
VMware GSX Server 2.5.1
VMware GSX Server 2.0.1 build 2129
VMware GSX Server 2.0
VMware ACE 1.0

Serious Damage
VMware is calling the flaw "very serious". The reason is that an attacker using simple protocols such as FTP could leapfrog out of the virtualised environment into what is known in Unix circles as 'userland' - that is, the file area not directly related to the core systems (e.g. those operating in the virtual machine).

It should be noted that VMware has been quick to issue patches for these issues. As a quick interim fix, however, users of the affected systems can disable NAT networking.
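An added example (not from the article or from VMware) of how an administrator could audit for the interim fix: a small Python script that parses a VMware .vmx configuration, lists the virtual adapters attached to the NAT service, and rewrites them to host-only networking. The ethernetN.present and ethernetN.connectionType keys are the standard .vmx settings; the sample configuration below is constructed, and host-only as the replacement mode is an assumption that depends on what the VM actually needs.

```python
import re

# Constructed sample .vmx content (not from the article). Real files use the
# same `key = "value"` layout, one setting per line.
SAMPLE_VMX = '''\
.encoding = "UTF-8"
config.version = "8"
displayName = "build-box"
ethernet0.present = "TRUE"
ethernet0.connectionType = "nat"
ethernet1.present = "TRUE"
ethernet1.connectionType = "bridged"
ethernet2.present = "FALSE"
ethernet2.connectionType = "nat"
'''

_LINE = re.compile(r'^\s*([\w.:-]+)\s*=\s*"(.*)"\s*$')

def parse_vmx(text):
    """Return the .vmx settings as a dict keyed by lower-cased setting name."""
    settings = {}
    for line in text.splitlines():
        m = _LINE.match(line)
        if m:
            settings[m.group(1).lower()] = m.group(2)
    return settings

def nat_adapters(settings):
    """List adapters that are present and use the vulnerable NAT service.
    Adapters with present = "FALSE" are ignored even if configured for NAT."""
    found = []
    for key, value in settings.items():
        m = re.fullmatch(r'(ethernet\d+)\.connectiontype', key)
        if not m:
            continue
        nic = m.group(1)
        present = settings.get(nic + '.present', 'TRUE').upper() == 'TRUE'
        if present and value.lower() == 'nat':
            found.append(nic)
    return sorted(found)

def disable_nat(text, replacement='hostonly'):
    """Rewrite every present NAT adapter to `replacement` ("hostonly" by
    default; "bridged" is the other option) and return the new .vmx text.
    Other lines, including NAT settings on absent adapters, are untouched."""
    targets = set(nat_adapters(parse_vmx(text)))
    out = []
    for line in text.splitlines():
        m = _LINE.match(line)
        if m and m.group(1).lower().endswith('.connectiontype') \
                and m.group(1).lower().split('.')[0] in targets:
            line = '%s = "%s"' % (m.group(1), replacement)
        out.append(line)
    return '\n'.join(out) + '\n'
```

Run nat_adapters(parse_vmx(...)) over each VM's .vmx file to inventory which guests still rely on the NAT service before deciding where the interim fix is acceptable.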

As we went to press, VMware posted a new security advisory on its site regarding what it calls "...a security flaw in the VMware Management Interface that could allow an unauthorized user to execute scripts on the server". This flaw affects ESX Server 2.0.x, 2.1.x and 2.5.x. VMware has posted links to patches, although the links currently appear to be unavailable.

Patch Released
For VMware's official responses, see VMware's security advisories.
