On 8/23/07, Arthur Corliss <corliss@xxxxxxxxxxxxxxxx> wrote: > On Wed, 22 Aug 2007, M. Burnett wrote: > > > I have run across a design issue in VMware's scripting automation API that > > diminishes VM guest/host isolation in such a manner to facilitate privilege > > escalation, spreading of malware, and compromise of guest operating systems. > > > > Furthermore, this attack only works if you are running the vmware guest > utilities *and* you are currently logged into a GUI desktop running the > vmware userland process. > > In (not so) short, this attack vector is virtually worthless if reasonable > security practices are employed. There are other methods of compromising guests without any requirements for API's, GUI's, etc - http://www.mnin.org/write/2006_vmshell_injection.pdf. -- Matt Richard
