[UNIX] Default Installation Insecurity in MS WMP for Sparc/Solaris
From: support@securiteam.comDate: 10/19/02
- Previous message: support@securiteam.com: "[REVS] Chrooting Daemons and System Processes HOW-TO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 19 Oct 2002 04:33:16 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Default Installation Insecurity in MS WMP for Sparc/Solaris
------------------------------------------------------------------------
SUMMARY
Microsoft Windows Media Player v6.3 for Sparc/Solaris is available for
download from <http://download.microsoft.com>
http://download.microsoft.com. A security vulnerability in the installer
causes the product to install the binary files of the product in an
insecure manner.
DETAILS
When you install Microsoft Windows Media Player on a Solaris machine (the
program is distributed as an executable installer that takes care of
everything), the executables are installed as word-writable files,
effectively ignoring the umask of the installer.
It means that anybody with an account on the system can change those
executables and put a Trojan in them. People executing the program later
will happily run the Trojan and have their account compromised.
ADDITIONAL INFORMATION
The information has been provided by <mailto:sam@rfc1149.net> Samuel
Tardieu.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[REVS] Chrooting Daemons and System Processes HOW-TO"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- Re: Mac OS X Security - Not Quite as Strong as you Thought
... These do not use the installer. ... That's probably why the majority went windows
early on. ... .NET was to provide wrappers around code that code get hacked or compromised to
help plug up some of their security holes. ... M$ track record even for the NT line
wasn't all that good compared to any Unix. ... (comp.sys.mac.advocacy) - Re: Mac OS X Security - Not Quite as Strong as you Thought
... The installer would then be a real installer for ... better to IMPROVE Mac OS
X security? ... The last thing I want is an Apple ... Trying to build a troll
around the notion that Apple isn't security ... (comp.sys.mac.advocacy) - Re: Mac OS X Security - Not Quite as Strong as you Thought
... The installer would then be a real installer for ... better to IMPROVE Mac OS
X security? ... The last thing I want is an Apple ... Programming
is so horribly complicated at this point in time that it is ... (comp.sys.mac.advocacy) - Re: [psh] Upgrade blues
... This stuff should be fixed in the installer. ... I can understand and accept
the amount of updating RC1 brings. ... Just like UAC in Vista - this stuff makes you guys
look silly preferring security to user experience in such a way. ... determine if a file
is remote or not. ... (microsoft.public.windows.server.scripting) - Re: Mac OS X Security - Not Quite as Strong as you Thought
... It bypasses authorization services and executes parts of ... installer packages
as root. ... It seems like Apple has created a security hole. ... installer.
... (comp.sys.mac.advocacy)