[30551] in bugtraq
VMware Workstation 4.0: Possible privilege escalation on the host
daemon@ATHENA.MIT.EDU (VMware)
Fri Jun 27 14:54:55 2003
Date: 26 Jun 2003 22:08:25 -0000
Message-ID: <20030626220825.12388.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: VMware <vmware-security-alert@vmware.com>
To: bugtraq@securityfocus.com
It is possible for a user to gain an esclation in privileges on a system
running VMware Workstation 4.0 for Linux systems by symlink manipulation
in a world-writable directory such as /tmp.
Affected systems: VMware Workstation 4.0 for Linux systems
Dates: This was reported to VMware on 2003-06-17 and VMware is posting this
to Bugtraq on 2003-06-26.
Resolutions:
1. VMware has identified a workaround and a Knowledge Base article will be
posted by noon Pacific Time on 2003-06-27 at the following url.
http://www.vmware.com/kb
2. VMware plans to release a patch that will resolve this problem
shortly. VMware will announce details when available.
