Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: bt1415.txt

VMware Workstation 4.0.1 (for Linux systems) vulnerability





Description
- -----------

The following products have a vulnerability that can allow a non-root =
user of
the host system to delete files.

VMware Workstation 4.0.1 (for Linux systems) build 5289 and earlier =
releases =20

Details/Impact
- --------------

By manipulating symbolic links, a non-root user can delete files in any
directory.

Customers running any version of VMware Workstation (for Windows =
operating
systems) are not subject to this vulnerability.=20

Resolutions:

VMware plans to release a patch that will resolve this problem
shortly.  VMware will announce details when available.

- - How to get the patched release
- - How to install a patched release
- - A knowledge base article


Notes
- -----

* VMware thanks Paul Szabo of the University of Sydney for alerting us
to this vulnerability.

His Web page is at:=20

http://www.maths.usyd.edu.au:8000/u/psz/

- -----------------
This document is clear signed with PGP. =20

VMware has the PGP public key available at

http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=3D1039

Some mail programs cause changes to mail messages and content, which may =
result
in an indication that the PGP signature for this message is not valid.  =
This
may also occur if this message is forwarded through another email =
distribution
list that changes the "From" field.  Please try to save the message into =
a file
and then running PGP on it.



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH