lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030626220825.12388.qmail@www.securityfocus.com> Date: 26 Jun 2003 22:08:25 -0000 From: VMware <vmware-security-alert@...are.com> To: bugtraq@...urityfocus.com Subject: VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation It is possible for a user to gain an esclation in privileges on a system running VMware Workstation 4.0 for Linux systems by symlink manipulation in a world-writable directory such as /tmp. Affected systems: VMware Workstation 4.0 for Linux systems Dates: This was reported to VMware on 2003-06-17 and VMware is posting this to Bugtraq on 2003-06-26. Resolutions: 1. VMware has identified a workaround and a Knowledge Base article will be posted by noon Pacific Time on 2003-06-27 at the following url. http://www.vmware.com/kb 2. VMware plans to release a patch that will resolve this problem shortly. VMware will announce details when available.