[Full-disclosure] Vmare workstation guest isolation weaknesses (clipboard transfer)
James Matthews
nytrokiss at gmail.com
Mon Feb 5 03:59:51 GMT 2007
Is it that bad??
On 2/4/07, coderman <coderman at gmail.com> wrote:
>
> On 2/3/07, EitanCaspi at yahoo.com <eitancaspi at yahoo.com> wrote:
> > ...
> > Type of Risk: isolation failure, information leakage, infection path
>
> latest VMWare Player [1.0.2 or above] also affected. damn, was hoping
> to use this for redistribution leverage. oh well... :)
>
> you can also try the following in your vmx:
> isolation.tools.hgfs.disable = "TRUE"
> isolation.tools.dnd.disable = "TRUE"
> isolation.tools.copy.enable = "FALSE"
> isolation.tools.paste.enabled = "FALSE"
>
> but i have not verified against all workstation / player versions
> across OS's. feedback appreciated.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
http://www.goldwatches.com
http://www.wazoozle.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070204/d0de095c/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.