• IDP Daily Update #1312
  posted: 11/18/08
  
• NSM Daily Update #1312
  posted: 11/18/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1312
  posted: 11/18/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
  posted: 11/18/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 11/17/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: WMTV Configuration File Symlink Vulnerability

Severity: MODERATE

Description:

wmtv is a video4linux TV player for windowmaker. It runs on Linux and Unix variants using windowmaker. It ships with Debian GNU/Linux 2.2.

A problem has been discovered in wmtv that may allow a local user to launch symlink attacks against the host.

Affected versions of wmtv run setuid root, and require these privileges to function. As a result, the wmtv configuration file is written back as the superuser. No further checks are made by affected versions of the software to ensure symlink attacks are not successful.

Successful symlink attacks may cause critical files to be overwritten by the local attacker, or may result in the attacker gaining elevated privileges.

This appears to be a problem with the version of wmtp that ships with Debian/GNU Linux due to the permissions that are required to run vulnerable versions of the software.

Affected Products:

• wliang wmtv 0.6.5