Knowledge Base

Summary

VMware Server doesn't limit the lifetime of sensitive data.

VMware has rated the severity of this issue as a Priority 3 issue according to VMware's Security Response Policy.

Relevant Release

VMware Server prior to RC1.

Problem Description

When a console connection is made using VMware Server, user credentials are kept in memory.

In order for the attacker to obtain information, he must have local access to the system and read access to the memory, or access to memory crash information.

This is only a danger if the attacker already has privileged access to your system.

The Common Vulnerabilities and Exposures (CVE) project has assigned the unique identifier CVE-2006-2662 to this issue.

Solution

Upgrade to the latest version of VMware Server. Download the packages at www.vmware.com/download/server/.

References

References specific to this security advisory include:

• The VMware Server product page at www.vmware.com/products/server/.
• Understanding Data Lifetime via Whole System Simulation at www.stanford.edu/~blp/papers/taint.pdf

Also see the VMware Security Response Policy at www.vmware.com/support/policies/security_response.html.

Acknowledgments

VMware would like to thank Bart Vanautgaerden for reporting this issue.

Contact

Refer to www.vmware.com/security.