Some versions of Magic eDeveloper Enterprise Edition contain a symbolic-link vulnerability that allows attackers to overwrite data or execute arbitrary commands.
Magic eDeveloper is a development environment for large-scale and distributed applications.
Magic eDeveloper Enterprise Edition versions 8.30-5 and earlier handle temporary files insecurely by not checking for symbolic links. Magic eDeveloper version 9 may also be affected. Magic eDeveloper is reported to trust certain files to contain code safe for execution. The ability to overwrite these files could allow an attacker to supply arbitrary code for execution on the system.
Attackers with previously established access to the filesystem may be able to manipulate Magic eDeveloper to write data to arbitrary file locations. Since Magic eDeveloper trusts certain files to contain safe executable code, overwriting these files can cause Magic eDeveloper to run arbitrary malicious code.
The CERT/CC is currently unaware of a practical solution to this problem.
Thanks to Stephan Holtwisch for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
|Date First Published:||2002-08-05|
|Date Last Updated:||2003-04-11 22:15 UTC|