An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).
References
Link | Resource |
---|---|
https://bugs.gentoo.org/264577 | Issue Tracking Patch Third Party Advisory |
https://github.com/vmware/open-vm-tools/releases/tag/2009.03.18-154848 | Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-11-23T00:00:00
Updated: 2022-11-23T00:00:00
Reserved: 2009-03-25T00:00:00
Link: CVE-2009-1143
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-11-23T18:15:10.823
Modified: 2022-11-28T18:22:37.033
Link: CVE-2009-1143
JSON object: View
Redhat Information
No data.
CWE