[27495] in bugtraq


Microsoft Windows Media Player for Sparc/Solaris vulnerability

daemon@ATHENA.MIT.EDU (Samuel Tardieu)
Fri Oct 18 13:22:36 2002

X-Draft-From: ("mail.misc" -45)
To: bugtraq@securityfocus.com
Date: Fri, 18 Oct 2002 18:43:13 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
From: Samuel Tardieu <sam@rfc1149.net>
Reply-To: Samuel Tardieu <sam@rfc1149.net>
Content-Transfer-Encoding: 8bit
Message-Id: <2002-10-18-18-43-13+trackit+sam@rfc1149.net>

[feel free to include in BugTraq, I haven't seen past reports for this
one]

Microsoft Windows Media Player v6.3 for Sparc/Solaris is available for
download from http://download.microsoft.com.

When you install it on Solaris (the program is distributed as an
executable installer, which takes care of everything), the executables
are installed as world-writable files, effectively ignoring the umask
of the installer.

It means that anybody with an account on the system can change those
executables and put a trojan in them. People executing the program
later will happily run the trojan and have their account compromised.

  Sam
-- 
Samuel Tardieu -- sam@rfc1149.net -- http://www.rfc1149.net/sam
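
An administrator's check for the condition reported above, as an added example that is not part of the original post: it lists regular files and directories under an install tree whose "other" write bit is set, and clears that bit. The function names, the constructed sample tree and its file names are assumptions for illustration; the post does not give the real install path.

```shell
#!/bin/sh
# Added example (not from the original post): audit an installed tree for
# world-writable files, the condition the report describes.

# Print regular files and directories under $1 that anyone can write to.
# Symlinks are not followed, and -type f/-type d skips the links themselves.
list_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print
}

# Number of world-writable entries under $1, as a bare integer.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d '[:space:]'
}

# Clear the "other" write bit on every entry found, leaving all other
# permission bits (including execute) as the installer set them.
fix_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -exec chmod o-w {} +
}

# Build a constructed sample tree that mimics an installer which sets modes
# explicitly and so ignores the caller's umask. All names are hypothetical.
make_constructed_tree() {
    tree=$(mktemp -d) || return 1
    mkdir -p "$tree/bin" "$tree/lib"
    : > "$tree/bin/player"
    : > "$tree/lib/codec.so"
    : > "$tree/README"
    chmod 755 "$tree" "$tree/bin" "$tree/lib"
    chmod 777 "$tree/bin/player"    # world-writable executable
    chmod 666 "$tree/lib/codec.so"  # world-writable library
    chmod 644 "$tree/README"        # correctly installed file
    printf '%s\n' "$tree"
}

# Usage: sh audit.sh /path/to/install   (lists offending entries, changes nothing)
[ "$#" -eq 0 ] || list_world_writable "$1"
```

Removing the write bit does not show whether a file was altered while it was writable; comparing the installed files against a fresh copy from the installer answers that.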

