VMWare ESX and Java ASP Vulns, Akamai Exploit

Sun’s Java Active Server Pages version 4.0.2 contains multiple vulnerabilities. These vulnerabilities are numerous and could result in a variety of negative consequences; including remote system compromise, bypassing security restrictions, and manipulation of data. Sun has released version 4.0.3 that corrects the issues in 4.0.2.

VMWare ESX server versions 2.x and 3.x are vulnerable to information disclosure, denial of service, and in some cases remote system compromise. All administrators and users of VMWare should consider applying the vendor provided patches to their software. Full details can be found at http://www.vmware.com/security/advisories/VMSA-2008-0009.html.

The Akamai download manager contains and input validation error in its’ ActiveX control. This could result in system compromise or a denial of service when a user visits a malicious web page. The vulnerability affects versions and prior. A working exploit has already been released. Update to version, available at http://dlm.tools.akamai.com/tools/upgrade.html

CA Products ActiveX Vuln, VMWare Update Fixes DoS

Multiple CA products containing the DSM ListCtrl ActiveX Control are vulnerable to buffer overflow. Exploit code has been posted to a public area for this issue. This could allow attackers to cause a denial of service or execute code in the context of the user running the browser. Some mitigating factors taken from the original advisory:

” Mitigating Factors: For BrightStor ARCserve Backup for Laptops &
Desktops, only the server installation is affected. Client
installations are not affected. For CA Desktop Management Suite,
Unicenter Desktop Management Bundle, Unicenter Asset Management,
Unicenter Software Delivery and Unicenter Remote Control, only the
Managers and DSM Explorers are affected. Scalability Servers and
Agents are not affected.”

CA has posted an update for the affected software.

VMWare has issued an update for VMWare ESX. This update fixes a vulnerability that could cause a denial of service. Users/Administrators should apply ESX 2.5.5 Upgrade Patch 6.

VMWare Directory Traversal for Shared Folders

Multiple VMWare products running on Windows platforms with Shared Folders are vulnerable to a directory traversal attack. If an attacker can has access to a guest operating system they can exploit the vulnerability to gain write access to the underlying hosting system. This obviously opens the door for a multitude of attacks.

Until a patch is released users on Windows are advised to disable any Shared Folders that they may have configured.

The original advisory is at:http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004034

Patches for VMWare ESX Server and VirtualCenter

VMWare has released new patches that address vulnerabilities in Tomcat and Java JRE that could lead to compromise of systems, Denial of Service or the ability to circumvent security restrictions. The updates are for VirtualCenter 2.0.2, ESX 3.0.1 and ESX Server 3.0.2.
The original VMWare announcement can be found at: http://lists.vmware.com/pipermail/security-announce/2008/000003.html

VMWare Virtual HoneyPoint Host Appliance

MSI is proud to announce a VMWare appliance based on Damn Small Linux (DSL) for HoneyPoint hosting.

The VM appliance is available free from the HoneyPoint FTP site provided in your license documents. The appliance currently has all available HoneyPoints installed and configured to autostart with the installation.

Root and “dsl” account passwords are “hpss”. Obviously, please change the passwords when you configure the system!

All HoneyPoints have basic configurations provided, and will need to be edited for the location of your console. Currently, they point to

The appliance is capable of being used in any of the VMWare products from Player to ESX and includes use in the OS X Fusion environment.

You can use the VM to emulate entire workstation(s) on the network using Player and such, or use ESX to sprinkle them around your virtual environments en masse. The image is smaller than 60Meg and needs less than 128 Meg of RAM at full utilization. In testing, we easily ran 10 of them on older machines still waiting in the lab for death or recycle….  😉

Let us know if you have any questions, or comments. We really dig this idea and folks seem to really want it.