05Mar2008 (UTC +8) While we're on the subject of VMware, I just got this piece of news that I thought I'd share with y'all:
______________________________________________________________________ 08.09.29 CVE: CVE-2008-0923 Platform: Cross Platform Title: VMWare Products Shared Folders "MultiByteToWideChar()" Variant Directory Traversal Description: Multiple VMWare products are prone to a directory traversal vulnerability that affects shared folders. This issue occurs when the "MultiByteToWideChar()" handles "PathName" parameter arguments. VMware Workstation versions 6.0.2, 5.5.4 and earlier, VMware Player versions 2.0.2, 1.0.4 and earlier, VMware ACE versions 2.0.2, 1.0.2 and earlier are affected. Ref: http://www.securityfocus.com/archive/1/488725 ______________________________________________________________________ Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA http://www.laggui.com ( Singapore / Manila / California ) Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
