VMware View Directory Traversal Exploit Fix

21 December 2012 By Leave a Comment
Social Share Toolbar

VMware View Security PatchAre you running VMware View?  If so, you will want to look at implementing this newly released security patch from VMware that resolves a potential scenario where a guest user, who has been given access to particular files on a VM, could potentially  prompt the VM to traverse directories and retrieve files that this user should not have access to, eg: hashed passwords, etc.

I don’t normally cover security patch updates on TechHead as they are common place across all software products these days, though this particular vulnerability is a particularly nasty one that could have far reaching security implications for your virtualized VMware environment so I thought it worth a mention.

What Versions of View are affected?

The affected versions of VMware View are:

    VMware View 5.x prior to version 5.1.2
      
    VMware View 4.x prior to version 4.6.2
    As always, ensure you have full working backups before applying any patches else tempt the patching gods, who will teach you a lesson by making it go all horribly wrong! Winking smile
VN:F [1.9.22_1171]
Rating: 5.0/5 (1 vote cast)
VMware View Directory Traversal Exploit Fix, 5.0 out of 5 based on 1 rating

Why not take a look at my other related posts?:

  1. VMware View 5.1 now compatible with vSphere 5.1
  2. VMware View 4 – Overview.
  3. VMware View Bootcamp Video Series
  4. How to view your VMware ESXi Host’s System Log, Config and Datastore via a web browser.
  5. VMware Launches View Clients for Mac OS X, Linux & Amazon Fire
Filed Under: View, VMware Tagged With: , , ,
About Simon Seagrave

Simon is a UK based Virtualization & IT Technology Evangelist working as a Senior Technology Consultant and vSpecialist for EMC. He loves working in the ever changing IT industry & spends most of his time working with Virtualisation, Cloud & other Enterprise IT based technologies, in particular VMware, EMC and HP products.