Bug 536364 (CVE-2014-4199, CVE-2014-4200) - app-emulation/vmware-tools: Symlink and information disclosure vulnerability
Summary: app-emulation/vmware-tools: Symlink and information disclosure vulnerability
Status: RESOLVED FIXED
Alias: CVE-2014-4199, CVE-2014-4200
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa cve]
Reported: 2015-01-11 21:18 UTC by GLSAMaker/CVETool Bot
Modified: 2018-01-20 16:29 UTC
Description GLSAMaker/CVETool Bot gentoo-dev 2015-01-11 21:18:42 UTC
CVE-2014-4200 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4200):
  vm-support 0.88 in VMware Tools, as distributed with VMware Workstation
  through 10.0.3 and other products, uses 0644 permissions for the vm-support
  archive, which allows local users to obtain sensitive information by
  extracting files from this archive.

CVE-2014-4199 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4199):
  vm-support 0.88 in VMware Tools, as distributed with VMware Workstation
  through 10.0.3 and other products, allows local users to write to arbitrary
  files via a symlink attack on a file in /tmp.
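Added illustration, not part of the bug report and not vm-support's own source: the two bug classes named in the CVE text above (a support archive left world-readable under the default umask, and an archive written to a predictable path in a shared /tmp where a local user can plant a symlink) reconstructed on a hypothetical support-bundle shell script, next to the hardened form. The function names, the "password=hunter2" sample input and the directory layout are invented for the demonstration; nothing here reproduces the actual vm-support 0.88 code.

```shell
#!/bin/sh
# Added example (not vm-support's code): vulnerable vs. hardened creation of a
# support archive in a shared temporary directory.

# Constructed sample input: a directory holding one "sensitive" file to bundle.
make_sample_src() {
    mkdir -p "$1"
    printf 'password=hunter2\n' > "$1/config"
}

# Vulnerable pattern. The archive path is fixed and predictable inside a shared
# directory, and the umask is left at the usual default of 022, so tar creates
# the archive mode 0666 & ~022 = 0644 (world-readable, CVE-2014-4200 class).
# tar opens the path with O_CREAT|O_TRUNC and follows symlinks, so a local user
# who pre-created $out as a symlink gets the archive written over the link
# target (CVE-2014-4199 class). The body runs in a subshell so the umask change
# does not leak into the caller.
vulnerable_bundle() (
    tmp=$1; src=$2
    out="$tmp/support-bundle.tar"
    umask 022
    tar -cf "$out" -C "$src" . || exit 1
    printf '%s\n' "$out"
)

# Hardened pattern. mktemp -d creates a fresh 0700 directory with an
# unpredictable name, so nothing can already exist at the archive path and no
# other user can reach it; umask 077 makes the archive 0600; the final check
# refuses to report anything that is not a plain regular file.
hardened_bundle() (
    tmp=$1; src=$2
    umask 077
    work=$(mktemp -d "$tmp/support.XXXXXX") || exit 1
    out="$work/support-bundle.tar"
    tar -cf "$out" -C "$src" . || exit 1
    if [ -L "$out" ] || [ ! -f "$out" ]; then
        printf 'refusing to report %s: not a regular file\n' "$out" >&2
        exit 1
    fi
    printf '%s\n' "$out"
)

# Octal permission bits of a path (GNU stat first, BSD stat as fallback).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Usage: sh bundle.sh demo   (works entirely inside a fresh mktemp directory)
if [ "${1-}" = demo ]; then
    base=$(mktemp -d) && mkdir "$base/shared"
    make_sample_src "$base/src"
    v=$(vulnerable_bundle "$base/shared" "$base/src")
    echo "vulnerable: $v mode $(perm_of "$v")"
    h=$(hardened_bundle "$base/shared" "$base/src")
    echo "hardened:   $h mode $(perm_of "$h")"
fi
```

Changing only the umask would close the information-disclosure half but not the symlink half: the archive would still be written through whatever a local user planted at the fixed path. The private mktemp directory is what removes the race, and the trailing `-L`/`-f` check is belt and braces on top of it.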
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2015-01-11 21:29:08 UTC
Maintainer(s), maybe this should be against the app-emulation/vmware-tools package?
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2015-09-18 23:47:07 UTC
(In reply to Sean Amoss from comment #1)
> Maintainer(s), maybe this should be against the app-emulation/vmware-tools
> package?

Indeed. Now we "just" need to correlate the version numbers somehow... :/
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2016-06-05 08:05:38 UTC
# Andreas K. Huettel <dilfridge@gentoo.org> (19 Sep 2015)
# Masked for security reasons, bugs 516044, 552644
# Keeping it in the tree for now for users who cannot upgrade
# (commercial product, separate licenses for major versions)
=app-emulation/vmware-workstation-9*
=app-emulation/vmware-modules-271*


Andreas, how long would you like to leave 9* in the tree?
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2016-12-01 11:57:21 UTC
The mask for vmware 9.x is still there, but we need a mask for vmware-tools.

@dilfridge, am I missing anything here with the versioning?
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-17 10:00:09 UTC
Because we had to take action for bug 621910, app-emulation/vmware-tools is now PMASKED again, also addressing this vulnerability.
Comment 6 Manfred Knick 2017-11-30 11:15:04 UTC
(In reply to Thomas Deutschmann from comment #5)

@Thomas: as you know already:

VMware Products have been removed from Main Portage Tree during Nov-2017.

Further development has been relegated to [vmware] Overlay.

Situation as of today, 30-Nov-2017:
Workstation : stable in [vmware] = 12.5.8  / released = 14.0.0  : Bug 634770
Player      : stable in [vmware] = 12.5.8  / released = 14.0.0  : Bug 639162
Modules     : stable in [vmware] = 308.5.8 / released = 329.0.0 : Bug 634862
Tools       : stable in [vmware] = 10.1.6  / released = 10.1.15 : Bug 634854


I think this Bug can be CLOSED.
Comment 7 Aaron Bauman (RETIRED) gentoo-dev 2018-01-20 16:29:15 UTC
Package has been removed from the tree.