4098788 1999-06-26  19:20  /23 rader/ Postmaster
Mottagare: Bugtraq (import) <6844>
Ärende: VMware Security Alert
------------------------------------------------------------
Approved-By: aleph1@UNDERGROUND.ORG
X-Accept-Language: en
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID:  <3774387B.F9BF9457@sabernet.net>
Date:         Fri, 25 Jun 1999 19:18:35 -0700
Reply-To: "Jason R. Rhoads" <jason.rhoads@SABERNET.NET>
Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Jason R. Rhoads" <jason.rhoads@SABERNET.NET>
To: BUGTRAQ@NETSPACE.ORG

"On June 22nd, 1999, VMware, Inc. was notified of a security problem with
VMware for Linux 1.0.1. This security hole is also present in all previous
versions of VMware for Linux. The security hole has been fixed in VMware for
Linux 1.0.2 released today. The security hole allows a buffer overrun attack
against VMware for Linux to result in unprivileged root access to a machine
An updated version of VMware for Linux which fixes this problem is available
now, see below. As far as we know, this breach has never been used for malicious
purposes, or caused any harm to customer installations. VMware, Inc. apologizes
for the inconvenience to our users."

http://www.vmware.com/news/security.html