PermaLink Upgrade to VMware Server 1.0.5 build 80187 (3/14/08)03/18/2008 11:04 PM

Latest Version: 1.0.5  
Date: 3/14/08
Build: 80187

Image:Badkey Corner - Upgrade to VMware Server 1.0.5 build 80187 (3/14/08)

Security Issues Resolved in VMware Server 1.0.5:
  • A security vulnerability in OpenSSL 0.9.7j could make it possible to forge a RSA key signature. VMware Server 1.0.5 upgrades OpenSSL to version 0.9.7l to avoid this vulnerability. bug 216497), RSA Signature Forgery (CVE-2006-4339)
  • An internal security audit determined that a malicious user could attain and exploit LocalSystem privileges by causing the authd process to connect to a named pipe that is opened and controlled by the malicious user. In this situation, the malicious user could successfully impersonate authd and attain privileges under which authd is executing. bug 235420, (Foundstone CODE-BUG-H-001)
  • An internal security audit determined that a malicious user could exploit an insecurely created named pipe object to escalate priviliges or create a denial-of-service attack. bug 235833, (Foundstone CODE-BUG-H-002)
  • This release updates the libpng library to version 1.2.22 to remove various security vulnerabilities. bug 237049
  • A vulnerability in VMware Workstation running on Windows allowed complete access to the host's file system from a guest machine. This access included the ability to create and modify executable files in sensitive locations. bug 240000, (CORE-2007-0930)
  • The authd process read and honored the vmx.fullpath variable in the user-writable file config.ini, creating a security vulnerability. bug 241648
  • The config.ini file could be modified by non-administrator to change the VMX launch path. This created a vulnerability that could be exploited to escalate a user's privileges. bug 241677

Note: In addition, Version 1.0.5 improves Remote Console performance and screen refreshing

More @vmware.com

Here the Upgrade procedure The Badkey Team followed:

Files used:
VMware-mui-1.0.5-80187.tar.gz
VMware-server-1.0.5-80187.i386.rpm

Remove 1.04:
rpm -e VMware-server-1.0.4-56528

Install 1.0.5:
rpm -iv VMware-server-1.0.5-80187.i386.rpm

Extract the new Console:
gtar -xf VMware-mui-1.0.5-80187.tar.gz

Remove 1.0.4 Console:
rpm -e VMware-server-console-1.0.4-56528

Install the new console:
rpm -iv VMware-server-console-1.0.5-80187.i386.rpm

Configure and start VMWare Server:
/usr/bin/vmware-config.pl

Final:
Starting VMware services:
   Virtual machine monitor                          OK
   Virtual ethernet                                 OK
   Bridged networking on /dev/vmnet0                OK
   Host-only networking on /dev/vmnet1 (background) OK
   Host-only networking on /dev/vmnet8 (background) OK
   NAT service on /dev/vmnet8                       OK
   Starting VMware virtual machines...              OK

The configuration of VMware Server 1.0.5 build-80187 for Linux for this running kernel completed successfully.

Then goto the URL of your VMware Server and upgrade the Version of the VMware Server Console to 1.0.5, in this case we used WIN32:

Image:Badkey Corner - Upgrade to VMware Server 1.0.5 build 80187 (3/14/08)

            Upgrade done !!

Note:
Image:Badkey Corner - Upgrade to VMware Server 1.0.5 build 80187 (3/14/08)

The Badkey Team


Technorati:
ClustrMaps
Locations of visitors to this page
My World Travel (21%)
world66.gif
47 countries World66 Member
Domino Social Edition
StatCounter Statistics

View My Stats
Visitor Activity
Planetlotus.org
StatCounter Came From
Crossware Mail Signature
Twitter