What we have published

ERNW White Paper 41

Exploiting Virtual File Formats

Virtual file formats describe entities of virtualization such as virtual machines or virtual hard drives. As virtualization technologies are part of almost every IT environment, all entities contributing to these technologies hold the potential to contain vulnerabilities – at either the design or the technology level. To elaborate a new class of attacks in cloud environments that is based on virtual file formats, this paper describes characteristics of these formats, analyzes potential attack vectors and describes vulnerabilities identified in VMware’s ESX offerings. The impact of these vulnerabilities includes accessing the hypervisor from within a virtual guest system – the worst-case threat modeling scenario in virtual environments. This impact will also be used to illustrate how traditional trust and security models have to be adjusted to address the architectural changes introduced by cloud environments.