Re: VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation

From: VMware (vmware-security-alertat_private)
Date: Fri Jun 27 2003 - 14:10:01 PDT

    In-Reply-To: <20030626220825.12388.qmailat_private>
    
    VMware have posted a knowledge base article on 2003-06-27 that describes 
    the workaround to protect a system against potential privilege escalation.
    
    It is at:
    
    http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019
    
    
    >Date: 26 Jun 2003 22:08:25 -0000
    >Message-ID: <20030626220825.12388.qmailat_private>
    >From: VMware <vmware-security-alertat_private>
    >To: bugtraqat_private
    >Subject: VMware Workstation 4.0: Possible privilege escalation on the host
    >    via symlink manipulation
    >
    >
    >
    >It is possible for a user to gain an escalation in privileges on a system 
    >running VMware Workstation 4.0 for Linux systems by symlink manipulation 
    >in a world-writable directory such as /tmp.
    >
    >Affected systems: VMware Workstation 4.0 for Linux systems
    >
    >Dates: This was reported to VMware on 2003-06-17 and VMware is posting this
    >to Bugtraq on 2003-06-26.
    >
    >Resolutions:
    >1. VMware has identified a workaround and a Knowledge Base article will be
    >posted by noon Pacific Time on 2003-06-27 at the following url.
    >
    >http://www.vmware.com/kb
    >
    >2. VMware plans to release a patch that will resolve this problem 
    >shortly.  VMware will announce details when available.
    >
    


