Some versions of Magic eDeveloper Enterprise Edition contain a symbolic-link vulnerability that allows attackers to overwrite data or execute arbitrary commands.
Magic eDeveloper is a development environment for large-scale and distributed applications.
Magic eDeveloper Enterprise Edition versions 8.30-5 and earlier handle temporary files insecurely by not checking for symbolic links. Magic eDeveloper version 9 may also be affected. Magic eDeveloper is reported to trust certain files to contain code safe for execution. The ability to overwrite these files could allow an attacker to supply arbitrary code for execution on the system.
Attackers with previously established access to the filesystem may be able to manipulate Magic eDeveloper to write data to arbitrary file locations. Since Magic eDeveloper trusts certain files to contain safe executable code, overwriting these files can cause Magic eDeveloper to run arbitrary malicious code.
The CERT/CC is currently unaware of a practical solution to this problem.
Magic Software Enterprises Affected
Notified: January 28, 2002 Updated: February 26, 2002
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Thanks to Stephan Holtwisch for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
|Date First Published:||2002-08-05|
|Date Last Updated:||2003-04-11 22:15 UTC|