VULHUB ™

It has been reported that it is possible for a user to gain an escalation in privileges on a system running VMware Workstation 4.0 for Linux. Under some circumstances VMware Workstation will use the world writeable /tmp directory by default. Under these circumstances, it may be possible for an unprivileged user to create symbolic links that link files stored in the /tmp directory to arbitrary files on the system. Actions taken on the temporary files will be mirrored in the linked files.

It has been reported that it is possible for a user to gain an escalation in privileges on a system running VMware Workstation 4.0 for Linux. Under some circumstances VMware Workstation will use the world writeable /tmp directory by default. Under these circumstances, it may be possible for an unprivileged user to create symbolic links that link files stored in the /tmp directory to arbitrary files on the system. Actions taken on the temporary files will be mirrored in the linked files.