词条 | Virtual machine escape |
释义 |
In computer security, virtual machine escape is the process of breaking out of a virtual machine and interacting with the host operating system.[1] A virtual machine is a "completely isolated guest operating system installation within a normal host operating system".[2] In 2008, a vulnerability (CVE-2008-0923) in VMware discovered by Core Security Technologies made VM escape possible on VMware Workstation 6.0.2 and 5.5.4.[3][4] A fully working exploit labeled Cloudburst was developed by Immunity Inc. for Immunity CANVAS (commercial penetration testing tool).[5] Cloudburst was presented in Black Hat USA 2009.[6] Previous known vulnerabilities
See also
References1. ^{{cite web|url=http://lonesysadmin.net/2007/09/22/what-is-vm-escape/|title=What is VM Escape? - The Lone Sysadmin|date=22 September 2007|publisher=}} 2. ^{{Cite web|url=http://www.griffincaprio.com/blog/2006/08/virtual-machines-virtualization-vs-emulation.html |title=Virtual Machines: Virtualization vs. Emulation |accessdate=2011-03-11 }} 3. ^{{cite web|url=http://www.coresecurity.com/content/advisory-vmware|title=Path Traversal vulnerability in VMware's shared folders implementation|date=18 May 2016|publisher=}} 4. ^{{cite web|url=http://www.zdnet.com/blog/security/researcher-critical-vulnerability-found-in-vmwares-desktop-apps/902|title=Researcher: Critical vulnerability found in VMware's desktop apps - ZDNet|first=Larry|last=Dignan|publisher=}} 5. ^{{cite web|url=http://www.darkreading.com/security-services/167801101/security/application-security/217701908/hacking-tool-lets-a-vm-break-out-and-attack-its-host.html|title=Security Monitoring News, Analysis, Discussion, & Community|website=Dark Reading}} 6. ^{{cite web|url=https://www.blackhat.com/html/bh-usa-09/bh-usa-09-speakers.html|title=Black Hat ® Technical Security Conference: USA 2009 // Briefings|website=www.blackhat.com}} 7. ^{{cite web|url=https://www.vmware.com/security/advisories/VMSA-2017-0006.html|title=VMSA-2017-0006|website=VMware}} 8. ^1 {{cite web|url=https://www.vmware.com/security/advisories/VMSA-2017-0018.html|title=VMSA-2017-0018.1|website=VMware}} 9. ^{{cite web|url=https://blogs.securiteam.com/index.php/archives/3649|title=CVE-2018-2698|website=securiteam.com: Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities}} External links
2 : Virtualization software|Computer security exploits |
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。