Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

VMware Workstation 4.0: Possible privilege escalation on the host via symlink manipulation

From: VMware <vmware-security-alert () vmware com>
Date: 26 Jun 2003 22:08:25 -0000


It is possible for a user to gain an esclation in privileges on a system 
running VMware Workstation 4.0 for Linux systems by symlink manipulation 
in a world-writable directory such as /tmp.

Affected systems: VMware Workstation 4.0 for Linux systems

Dates: This was reported to VMware on 2003-06-17 and VMware is posting this
to Bugtraq on 2003-06-26.  

Resolutions:
1. VMware has identified a workaround and a Knowledge Base article will be 
posted by noon Pacific Time on 2003-06-27 at the following url.

http://www.vmware.com/kb

2. VMware plans to release a patch that will resolve this problem 
shortly.  VMware will announce details when available.
Previous By Date Next
Previous By Thread Next

Current thread: