Posted by: Texiwill
Blue Gears, Desktop virtualization, Edward L. Haletky, Exploit, Security, Texiwill, VMware, VMware Player
The gang at Milw0rm have posted one of the few exploits against VMware’s desktop line of products, specifically VMware Player version 2.5.1. This exploits the vmwarebase.dll file when running VMware Player on Windows systems. There is no chance of being able to run generic code through this exploit. In addition, VMware ESX, VMware ESXi, VMware Server and older versions of VMware Player are unaffected.
The issue occurs when you pass long usernames or passwords into VMware-Authd which will cause the application to crash. While it is restarted, a DoS attack could occur which would keep crashing the application and possibly filling up disk space with crash files as well.
VMware has been very responsive to this vulnerability and a fix is already completed. Check out this VMware thread for some more details. This type of response is quite commendable.
Milw0rm is a great resource for exploits of any kind, but since it is used by hackers it is best to access this site from a system you do not mind rebuilding occasionally; a VM works as does using The Onion Ring (TOR) plug-in for Firefox and Internet Explorer. It is best to be overly cautious when browsing sites that hackers create and visit, though they often have the latest exploits and attacks available.
Another good site is prometric.com, which hosts the 100 top hacker sites. As always be cautious when accessing any of these sites.
A hearty “good job” to VMware for their response to this and all other security issues!