Note: This is an archival copy of Security Sun Alert 265268 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020812.1.
Date of Resolved Release
Security Vulnerability in Sun VirtualBox May Lead to Denial of Service (DoS)
A security vulnerability in Sun VirtualBox 3.0 may allow a local unprivileged user inside of a VirtualBox virtual machine to be able to reboot the host operating system, which is a type of Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases (for all supported platforms):
1. Sun VirtualBox does not run on the SPARC Platform.
2. Previous releases of Sun VirtualBox are not affected by this issue.
To determine the version of Sun VirtualBox on a system, do one of the following:
In the Menu of Sun VirtualBox, select:
Help -> About VirtualBox
Or from the command line, the following command can be run (For Windows, change to the installation directory first):
$ VBoxManage -version3. Symptoms
There are no predictable symptoms that would indicate the described issue has occurred.
There is no workaround for this issue. Please see the "Resolution" section below.
This issue is addressed in the following release (for all supported platforms):
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment