Security problem in VMware vSphere 5
Source: H Security - Posted by Dave Wreski   
Vendors/Products Security experts from ERNW have demonstrated the ability to break out of the virtualisation hypervisor of VMware ESXi 5.0 using crafted VMware images. If a provider offers customers the ability to run customer-supplied VMware images on its servers as part of an infrastructure as a service (IaaS) offering, a malicious user could access all data on the server, including other customers' user passwords and virtual machines. The security experts were able to manipulate the virtual disk images in a way that caused host disks to be mounted in the guest system after launching the VM. Successful attacks have been mounted in this way against fully patched copies of ESXi 5.0, but the researchers point out that, as far as they are aware, this has so far only happened under laboratory conditions.

[All of article]

Read this full article at H Security

Only registered users can write comments.
Please login or register.

Powered by AkoComment!