Denial of Service Vulnerability in Multiple VMware Products

VMWare is a "virtual PC" software that allows you to run two or more Windows, DOS, or Linux systems on a single machine at the same time. A denial of service vulnerability exists in multiple VMware products, which could be exploited by remote attackers to launch a denial of service attack...

[REMnux] A Linux Distribution for Malware Analysis

REMnux incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. This popular toolkit includes programs for analyzing malicious documents, such PDF files, and utilities for...

Crisis Trojan Makes Its Way onto Virtual Machines

The Windows version of the Crisis Trojan is able to sneak onto VMware implementations, making it possibly the first malware to target such virtual machines. It also has found a way to spread to Windows Mobile devices. “Many threats will terminate themselves when they find a virtual machine...

SYSRET 64-bit operating system privilege escalation vulnerability on Intel CPU hardware

Overview Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape. Intel claims that this vulnerability...

CVE-2012-1515

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine...

VMware Fusion Version Detection (Mac OS X)

The remote host is running VMware Fusion, a popular desktop virtualization software. TRUSTED...

qemu: Improper handling of erroneous data provided by Linux virtio-net driver

The virtionetbadfeatures function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service guest OS crash, and an associated qemu-kvm process exit by...

kvm-userspace-rhel5: usb-linux.c: fix buffer overflow

Buffer overflow in the usbhosthandlecontrol function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service guest OS crash or hang or possibly execute arbitrary code on the host OS via a crafted USB packet...

NetBIOS Multiple IP Address Enumeration

By sending a special NetBIOS query, Nessus was able to detect the use of multiple IP addresses on the remote host. This indicates the host may be running virtualization software, a VPN client, or has multiple network interfaces. C Tenable Network Security, Inc. include"compat.inc"; if description...

CVE-2008-4539

Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...

qemu/kvm/xen: add image format options for USB storage and removable media

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004...

CVE-2008-0928

Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine...

VMware GSX Server Remote Buffer Overflow

VMware GSX Server Remote Buffer Overflow Author:Zag & Glcs Email: [email protected] & [email protected] Homepage:http://www.venustech.com.cn Date: 2002/07/24 CNCVE ID:CNCVE-20020095 System: VMware GSX Server 2.0.0 build-2050 for Windowsother versions not tested + Windows NT/2000/XP...