Description
- -----------
The following products have a vulnerability that can allow a non-root user of
the host system to delete files.
VMware Workstation 4.0.1 (for Linux systems) build 5289 and earlier releases
Details/Impact
- --------------
By manipulating symbolic links, a non-root user can delete files in any
directory.
Customers running any version of VMware Workstation (for Windows operating
systems) are not subject to this vulnerability.
Resolutions:
VMware plans to release a patch that will resolve this problem
shortly. VMware will announce details when available.
- - How to get the patched release
- - How to install a patched release
- - A knowledge base article
Notes
- -----
* VMware thanks Paul Szabo of the University of Sydney for alerting us
to this vulnerability.