首页
社区
课程
招聘
[下载]VMware Player v1.0.6.80404,v2.0.3.80004
发表于: 2008-3-15 15:28 2520

[下载]VMware Player v1.0.6.80404,v2.0.3.80004

2008-3-15 15:28
2520
VMware Player v1.0.6.80404
2008-03-14

Changelog

VMware Player 1.0.6 addresses the following security issues:
- An internal security audit determined that a malicious user could attain and exploit LocalSystem privileges by causing the authd process to connect to a named pipe that is opened and controlled by the malicious user. In this situation, the malicious user could successfully impersonate authd and attain privileges under which Authd is executing.
bug 221309, (Foundstone CODE-BUG-H-001)
- This release updates the libpng library to version 1.2.22 to remove various security vulnerabilities.
bug 224453
- A vulnerability in VMware Player running on Windows allowed complete access to the host's file system from a guest machine. This access included the ability to create and modify executable files in sensitive locations.
bug 224522, (CORE-2007-0930)
- A security vulnerability in OpenSSL 0.9.7j could make it possible to forge a RSA key signature. VMware Player 1.0.6 upgrades OpenSSL to version 0.9.7l to avoid this vulnerability.
bug 236970), RSA Signature Forgery (CVE-2006-4339)
- The authd process read and honored the vmx.fullpath variable in the user-writable file config.ini, creating a security vulnerability.
bug 241646
- The config.ini file could be modified by non-administrator to change the VMX launch path. This created a vulnerability that could be exploited to escalate a user's privileges.
bug 241675


http://download3.vmware.com/software/vmplayer/VMware-player-1.0.6-80404.exe

VMware Player v2.0.3.80004
2008-03-14

Changelog

VMware Player 2.0.3 addresses the following security issues:
- On Windows hosts, if you have configured and enabled a shared folder, it is possible for an attacker to write arbitrary content from a guest system to arbitrary locations on the host system (CORE-2007-0930). (bug 200360)
- This release updates the libpng library to version 1.2.22 to remove various security vulnerabilities. (bug 224453)

Bugs Reported in VMware Player 2.0.2 and Fixed in This Release
- On openSUSE Linux 10.3 hosts, USB devices cannot be used in a virtual machine unless you plug the USB device in to the host before powering on the virtual machine. (bug 177615)
- On Windows hosts, after disabling shared folders the Properties button remains enabled. (bug 194070)


http://download3.vmware.com/software/vmplayer/VMware-player-2.0.3-80004.exe

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!

收藏
免费 1
支持
分享
最新回复 (0)
游客
登录 | 注册 方可回帖
返回
//