Virtual PC Services Insecure Temporary File Creation
Application: Connectix Virtual PC 6.0.x / Microsoft Virtual PC 6.1
Platform: Mac OS X
Severity: Local privilege escalation
Author: George Gal Vendor Status: Vendor has updated version of the software CVE Candidate: CAN-2004-0115
Reference: www.atstake.com/research/advisories/2004/a021004-1.txt
Overview:
Virtual PC is a popular x86 virtual machine emulator capable running several guest operating systems under the Mac OS X and Windows platforms. Virtual PC provides a set of services for managing network sharing capabilities under Mac OS X. These services are spawned from the setuid root binary, VirtualPC_Services, which creats several temporary files when it is executed. The VirtualPC_Services does not check for several unsafe conditions prior to creation of these temporary files. As a result an attacker with interactive login access to the system may leverage insecure temporary files to become root or overwrite critical system files.
Details:
@stake has identified a vulnerability within the setuid root binary,
VirtualPC_Services, due to its inability to check for dangerous
conditions prior to temporary file creation. This vulnerability
allows an attacker to truncate and overwrite arbitrary files in
addition to creation of arbitrary files with insecure file
permissions.
Using this vulnerability it is feasible for an attacker to gain root
privileges on the system. The VirtualPC_Services binary creates a
log file upon startup as /tmp/VPCServices_Log. An attacker may
create a symbolic link in the /tmp/ directory as VPCServices_Log
pointing to an arbitrary file to be overwritten when the
VirtualPC_Services binary is executed. However, when the symbolic
link points to a non-existent file a new file is created with file
permissions determined by the unprivileged user’s umask(2) settings.
Vendor Response:
Microsoft has an updated version of the software available.
Download information available at:
http://www.microsoft.com/technet/security/bulletin/MS04-005.asp
Recommendation:
If possible install the updated version of Virtual PC.
Do not install Virtual PC on a multi-user machine. If this is a
requirement, only allow users with in a particular group to access
Virtual PC.
virtualization.info Newest articles
May 24th, 2012
Today Milan hosted the VMware Forum 2012, during the opening keynote Brian Gammage, VMware’s Chief Market Technologist, tried to collect all the news and declarations we heard in the last…
May 23rd, 2012
Yesterday VMware announced the acquisition of Wanova Inc. a company whose main product is called Mirage.
Mirage is a centralized management and recovery solution for physical desktop images over the…
May 23rd, 2012
Yesterday VMware published a paper focused on VMware vMSC (vSphere Metro Storage Cluster), a new configuration within the VMware Hardware Compatibility List intended for environments where disaster/downtime avoidance is a…
May 22nd, 2012
Yesterday, during its annual conference in Las Vegas, EMC announced the acquisition of Syncplicity, a cloud-storage privately held startup founded in 2008 and based in Menlo Park, California.
Terms…
May 21st, 2012
On May 18th Oracle announced the general availability of version 3.1 of its x86 enterprise virtualization solution VM Server.
This release follows 3.0 announced on August 24th 2011.
All the new…
May 21st, 2012
In this post, published on May 18 in VROOM! Blog, the VMware’s Performance Team presented some of the most significant enhancements and optimizations brought to Teradici‘s PCoIP protocol in the…
May 17th, 2012
On May 15th NVIDIA unveiled the NVIDIA® VGX™ platform that will be available later this year through NVIDIA’s hardware OEM and VDI partners.
This new platform promises to deliver…
May 17th, 2012
Microsoft announced this week the new Beta version of its capacity planning tool Microsoft Assessment and Planning (MAP) 7.0 Beta.
The Beta program opened on May 15th and the review…
May 15th, 2012
Today VMware announced VMware vFabric Suite 5.1, expected to be generally available in Q2 2012.
vFabric Suite 5.1 includes vFabric Application Director, to automate the deployment and management of vFabric…
May 15th, 2012
On April 4 Stephen Herrod, VMware’s CTO, has attended, as guest speaker, at a VMUG meeting in Italy.
One of the key point of the speech, documented in one hour-long…
May 14th, 2012
Last week Citrix announced a new tech preview for Hosted Server VDI technology that allows cloud providers to leverage Microsoft SPLA to host VDI-style desktops obtaining a pay-as-you-go monthly subscription licensing…
May 11th, 2012
On May 7 Atlantis Computing announced the general availability of its Atlantis ILIO Diskless VDI 3.2, this product, tailored in particular for VMware View 5.1, enables virtual desktops deployment…
May 11th, 2012
On May 7 Citrix announced a technology preview of Project Aruba that extends Citrix VDI all-in-one proposal for the SMB market, VDI-in-a-Box, with personal vDisk technology.
VDI-in-a-Box, inherited from Kaviza…
May 10th, 2012
On May 7 Cloud Sidekick announced the Early Access Program release of Cato Enterprise Edition (EE) which extends the Community Edition (CE) with Storm Deployment Automation and support for…
Copyright © 2003-2012 virtualization.info. All rights reserved.
virtualization.info | cloudcomputing.info | virtualization.tv | Virtualization Congress