4098788 1999-06-26 19:20 /23 rader/ Postmaster Mottagare: Bugtraq (import) <6844> Ärende: VMware Security Alert ------------------------------------------------------------ Approved-By: aleph1@UNDERGROUND.ORG X-Accept-Language: en MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <3774387B.F9BF9457@sabernet.net> Date: Fri, 25 Jun 1999 19:18:35 -0700 Reply-To: "Jason R. Rhoads" <jason.rhoads@SABERNET.NET> Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG> From: "Jason R. Rhoads" <jason.rhoads@SABERNET.NET> To: BUGTRAQ@NETSPACE.ORG "On June 22nd, 1999, VMware, Inc. was notified of a security problem with VMware for Linux 1.0.1. This security hole is also present in all previous versions of VMware for Linux. The security hole has been fixed in VMware for Linux 1.0.2 released today. The security hole allows a buffer overrun attack against VMware for Linux to result in unprivileged root access to a machine An updated version of VMware for Linux which fixes this problem is available now, see below. As far as we know, this breach has never been used for malicious purposes, or caused any harm to customer installations. VMware, Inc. apologizes for the inconvenience to our users." http://www.vmware.com/news/security.html