BID:69409

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

Info

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

Bugtraq ID:	69409
Class:	Design Error
CVE:	CVE-2014-4199
Remote:	No
Local:	Yes
Published:	Aug 18 2014 12:00AM
Updated:	Aug 18 2014 12:00AM
Credit:	dolevf
Vulnerable:	VMWare Tools 0 VMWare Support 0.88

Not Vulnerable:

Discussion

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

VMware Support Tools is prone to an insecure temporary-file-creation vulnerability.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application, which may result in a denial of service. Other attacks may also be possible.

Exploit / POC

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

An attacker uses readily available commands to exploit this issue.

Solution / Fix

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

VMware Support Tools '/tmp/' Directory Insecure Temporary File Creation Vulnerability

References:

VMware vm-support multiple vulnerabilities (Dolev Farhi)
VMware Homepage (VMware)