[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200606200259.k5K2xvEf024796@asti.maths.usyd.edu.au>
Date: Tue, 20 Jun 2006 12:59:57 +1000
From: Paul Szabo <psz@...hs.usyd.edu.au>
To: bugtraq@...urityfocus.com, co296@....com
Subject: Re: Vm ware 0day dos exploit by n00b.
co296@....com wrote:
> ... in vmware user's .vmx file ... we change ...
> ide1:0.fileName = AAAAA... it will cause a d0s ...
I am confused: cannot you cause such a problem with any invalid filename?
Where is the attack, if you had to have write access to the user's file?
Can you have code execution (shellcode in that name, for VMware on UNIX
where bits of it run as root)?
Cheers,
Paul Szabo psz@...hs.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
Powered by blists - more mailing lists