Desktop Virtualization

Virtualization news and reviews

1 Comment

Critical security vulnerabilities fixed in VMware's hosted products

Many of you have probably heard about the recent Core Security findings which resulted in a security advisory CORE-2007-0930, Path Traversal vulnerability in VMware's shared folders implementation:

A vulnerability was found in VMware's shared folders mechanism that grants users of a Guest system read and write access to any portion of the Host's file system including the system folder and other security-sensitive files. Exploitation of these vulnerability allows attackers to break out of an isolated Guest system to compromise the underlying Host system that controls it.

Successful exploitation requires that the Shared Folder's feature to be enabled which is the default on VMware products that have the feature AND at least one folder of the Host system is configured for sharing.

[Read more…]

2 Comments

VMsafe – new virtual security technology from VMware

I'm just back from VMworld Europe 2008, and one of the highlights of this event was the announcement of VMsafe – a new security technology introduced by VMware.

What is VMsafe?

VMsafe is a new security technology. What is means is that software security vendors will partner with VMware to develop custom virtual appliances used for protecting virtual machines on a VMware ESX server.

[Read more…]

Basic Unix Commands

Basic Unix Commands

Unix/Linux Reference

Unix Reference

Advanced Unix Commands

Advanced Unix Commands

Virtualization Glossary