Mollie, please feel free to publish, however I still believe that
someone who does not inspect a .bxrc before using it is running larger
risks due to the intentional features of the file format rather than
the unintentional bugs found and disclosed here. The similar report on
OSVDB for VMWare Player expresses a similar sentiment:
EMC VMware Player contains a flaw that may allow a local denial
of service. The issue is triggered when a user loads a .vmx
file containing an ide1:0.fileName parameter with an overly long
value, and will result in loss of availability for the the VMware
instace. However, for an attacker to gain access and edit the .vmx
file, it would require a level of access that would allow a wide
variety of attacks. This level of access is considered to be trusted
and not readily available to someone looking to launch this type
of attack.
Mollie, please feel free to publish, however I still believe that
someone who does not inspect a .bxrc before using it is running larger
risks due to the intentional features of the file format rather than
the unintentional bugs found and disclosed here. The similar report on
OSVDB for VMWare Player expresses a similar sentiment:
EMC VMware Player contains a flaw that may allow a local denial
of service. The issue is triggered when a user loads a .vmx
file containing an ide1:0.fileName parameter with an overly long
value, and will result in loss of availability for the the VMware
instace. However, for an attacker to gain access and edit the .vmx
file, it would require a level of access that would allow a wide
variety of attacks. This level of access is considered to be trusted
and not readily available to someone looking to launch this type
of attack.
From http:// osvdb.com/ show/osvdb/ 27524.
Thanks