CVE-2009-2267 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2267): VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.
I think we only need an ebuild for the stable series of vmware-server, 1.0.10.203137.
CVE-2009-3707 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3707): VMware Authentication Daemon 1.0 in vmware-authd.exe 6.5.3.8888 in the VMware Authorization Service 2.5.3 and earlier in VMware Workstation 6.5.3 build 185404, VMware Player 2.5.2 build 156735 and 2.5.3 build 185404, and VMware ACE 2.5.3 allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information. CVE-2009-3733 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3733): Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.
(In reply to comment #1) > I think we only need an ebuild for the stable series of vmware-server, > 1.0.10.203137. > *vmware-server-1.0.10.203137 (18 Dec 2009) 18 Dec 2009; Vadim Kuznetsov <vadimk@gentoo.org> +vmware-server-1.0.10.203137.ebuild: Bug 297367 I have not run it nor tested it. Thanks.
Hi Vadim, is this ok for stabilization now?
(In reply to comment #4) > Hi Vadim, is this ok for stabilization now? I will try to find hardware and time to test it this week before I say yes or no. I had no luck last week. :( I have not invested much effort into vmware server 1, though. Any help is welcome! Thanks.
Can it go stable now?
Vulnerable versions have been removed.
This issue was resolved and addressed in GLSA 201209-25 at http://security.gentoo.org/glsa/glsa-201209-25.xml by GLSA coordinator Sean Amoss (ackle).