VMware on Tuesday announced that a single file from its ESX server hypervisor source code has been posted online, and it held out the possibility that more proprietary files could be leaked in the future. "The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers," VMware said in a statement.
"Hardcore Charlie" - who claims to have downloaded some 300 Megabytes of VMWare source code.
Anonymous tweeted:
@AnonymousIRC: Oops, VMWare source leaked? Not good http://pastebin.com/JGxdK6vw to Anonymous contributors. May the Pirate Bay always sail strong!
The leaked documents include what appear to be internal VMWare communications, pasted onto CEIEC letterhead and with official looking stamps. One email exchange, dated June 5, 2003 is from Jeffrey Sheldon to an internal VMWare listserv and has the subject "code review:untruncating segments.
Given the large number of service providers that run vSphere, security issues in ESX could potentially have a broad and widespread impact, according to security researchers. VMware says it is looking into the matter and will be canvassing its industry partners and developers in order to determine the source of the breach.