Info

Disclosure

Jan 17, 2000

Discovery

Jan 01, 2001

Dates

Exploit

Jan 01, 2001

Solution

Unknown

Description

VMware for Linux contains a flaw that may allow a malicious user to overwrite arbitrary files. The problem is that VMware creates certain files in the "/tmp" directory on startup, but doesn't check the existence and ownership of the files. It is possible that the flaw may allow a malicious user to create a symlink from a malicious file, which could be overwritten when the application is executed resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

VMware, Inc.

VMware for Linux

1.1.2 Build 364

References

CVE ID: 2000-0090 (see also: NVD)
ISS X-Force ID: 3878
Bugtraq ID: 943
Vendor URL: http://www.vmware.com/
Other Advisory URL: http://www.w00w00.org/files/advisories/vmware.txt

Credit

harikiri - harikiriattrition.org - Personal Page

Direct URL: http://osvdb.org/36218