Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
BID:40169
Info
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
| Bugtraq ID: | 40169 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | May 14 2010 12:00AM |
| Updated: | Sep 01 2014 12:12AM |
| Credit: | paul.szabo |
| Vulnerable: |
Wolfram Research Mathematica 8 Wolfram Research Mathematica 7 |
| Not Vulnerable: | |
Discussion
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
Mathematica is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to gain elevated privileges on affected computers.
Mathematica is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue to gain elevated privileges on affected computers.
Exploit / POC
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
An attacker uses readily available commands to exploit the issue.
An attacker uses readily available commands to exploit the issue.
Solution / Fix
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
Solution:
Currently we are not aware of any vendor supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
References
Mathematica '/tmp/MathLink' Symlink Attack Local Privilege Escalation Vulnerability
References:
References:
- Mathematica Homepage (Wolfram Research)
- Mathematica on Linux /tmp/MathLink vulnerability (Paul Szabo)