| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8a6b8e350702041959k41de81b7p91dca60edb16c44b@mail.gmail.com>
Date: Sun, 4 Feb 2007 22:59:51 -0500
From: "James Matthews" <nytrokiss@...il.com>
To: coderman <coderman@...il.com>
Cc: "EitanCaspi@...oo.com" <eitancaspi@...oo.com>,
full-disclosure@...ts.grok.org.uk
Subject: Re: Vmare workstation guest isolation weaknesses
(clipboard transfer)
Is it that bad??
On 2/4/07, coderman <coderman@...il.com> wrote:
>
> On 2/3/07, EitanCaspi@...oo.com <eitancaspi@...oo.com> wrote:
> > ...
> > Type of Risk: isolation failure, information leakage, infection path
>
> latest VMWare Player [1.0.2 or above] also affected. damn, was hoping
> to use this for redistribution leverage. oh well... :)
>
> you can also try the following in your vmx:
> isolation.tools.hgfs.disable = "TRUE"
> isolation.tools.dnd.disable = "TRUE"
> isolation.tools.copy.enable = "FALSE"
> isolation.tools.paste.enabled = "FALSE"
>
> but i have not verified against all workstation / player versions
> across OS's. feedback appreciated.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
http://www.goldwatches.com
http://www.wazoozle.com
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists