VMware View Directory Traversal Exploit Fix

VMware View Security PatchAre you running VMware View?  If so, you will want to look at implementing this newly released security patch from VMware that resolves a potential scenario where a guest user, who has been given access to particular files on a VM, could potentially  prompt the VM to traverse directories and retrieve files that this user should not have access to, eg: hashed passwords, etc.

I don’t normally cover security patch updates on TechHead as they are common place across all software products these days, though this particular vulnerability is a particularly nasty one that could have far reaching security implications for your virtualized VMware environment so I thought it worth a mention.

What Versions of View are affected?

The affected versions of VMware View are:

    VMware View 5.x prior to version 5.1.2
    VMware View 4.x prior to version 4.6.2
    As always, ensure you have full working backups before applying any patches else tempt the patching gods, who will teach you a lesson by making it go all horribly wrong! Winking smile
About Simon Seagrave 706 Articles
Simon is a UK based Virtualization, Cloud & IT Technology Evangelist working as a Senior Technology Consultant and vSpecialist for EMC. He loves working in the ever changing IT industry & spends most of his time working with Virtualization, Cloud & other Enterprise IT based technologies, in particular VMware, EMC and HP products. As well as on this site, you can find him on Twitter and Google+

Be the first to comment

Leave a Reply

Your email address will not be published.


This site uses Akismet to reduce spam. Learn how your comment data is processed.