3 matches found
VMWare Setuid vmware-mount Unsafe popen(3)
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...
VMWare Setuid vmware-mount Unsafe popen(3)
VMWare Workstation up to and including 9.0.2 build-1031769 and Player have a setuid executable called vmware-mount that invokes lsbrelease in the PATH with popen3. Since PATH is user-controlled, and the default system shell on Debian-derived distributions does not drop privs, we can put an...
VMWare Setuid vmware-mount Unsafe popen(3)
VMWare Workstation up to and including 9.0.2 build-1031769 and Player have a setuid executable called vmware-mount that invokes lsbrelease in the PATH with popen3. Since PATH is user-controlled, and the default system shell on Debian-derived distributions does not drop privs, we can put an...