Re: vmware bug?
From: Jose Tavares (jat@terra.com.br)Date: 07/31/01
- Previous message: Eric Lackey: "cold fusion 5.0 cfrethrow exploit"
- In reply to: starman jones: "vmware bug?"
- Next in thread: Justin Nelson: "Re: vmware bug?"
- Reply: Justin Nelson: "Re: vmware bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <4.3.2.7.2.20010731022743.02277750@200.248.135.1> Date: Tue, 31 Jul 2001 02:42:06 -0300 To: bugtraq@securityfocus.com From: Jose Tavares <jat@terra.com.br> Subject: Re: vmware bug?
At 15:57 30/07/01 -0400, you wrote:
>oi oi.. i recently installed vmware (the latest release of the workstation
>thing) and it crashed once or twice. But never mind that. in /tmp i found
>a file called vmware-log.starman. starman being my user on the box. Inside
>in this file is my license information and it's chmod is 777. That's kinda
>nasty don't ya think? has anyone seen similar things?
>lates
>sj
not confirmed!
when the same version of vmware is run here (2.0.4 build-1142) it puts a
vmware-log.user in the /tmp but it's chmod is 644 ...
the licensekey is in this file but the hash isn't!
but... stealing another users license is easy...
the license2.0 file in the home directory is 644 too and ~/.vmware dir is
755 ...
--
Jose Antonio Alves Tavares Filho "_]{ILLER_"
--
A Computer Science Student at UCPel – Pelotas/RS – Brazil
ICQ# 6093525
98821689
98400508
--
"The BeOS takes the best features from the major
operating systems. It's got the power and flexibility
of Unix, the interface and ease of use of the MacOS,
and Minesweeper from Windows." --Tyler Riti
===================================================================
- Previous message: Eric Lackey: "cold fusion 5.0 cfrethrow exploit"
- In reply to: starman jones: "vmware bug?"
- Next in thread: Justin Nelson: "Re: vmware bug?"
- Reply: Justin Nelson: "Re: vmware bug?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
