(Vendor Issues Fix) Adobe Version Cue Start/Stop Scripts Let Local Users Execute Arbitrary Code With Root Privileges
SecurityTracker Alert ID: 1014025|
SecurityTracker URL: http://securitytracker.com/id/1014025
(Links to External Site)
Date: May 21 2005
Execution of arbitrary code via local system, User access via local system|
Fix Available: Yes Vendor Confirmed: Yes |
Version(s): 1.0, 1.0.1|
A vulnerability was reported in Adobe Version Cue on Mac OS X. A local user can obtain root privileges on the target system.|
The scripts used to start and stop Adobe Version Cue are configured with set user id (setuid) root user privileges and do not validate the path names.
A local user can create specially crafted scripts and modify the current path to point to the directory containing those scripts. Then, when Adobe Version Cue is started or stopped, the scripts will run with root user privileges.
Jonathan Bringhurst reported this vulnerability.
A local user can execute arbitrary code with root privileges on the target system.|
The vendor has issued a fix ("Required update for Version Cue 1.x Workspace"), available at:|
Vendor URL: www.adobe.com/support/techdocs/331621.html (Links to External Site)
|Underlying OS: UNIX (macOS/OS X)|
|Underlying OS Comments: 10.3.6|
This archive entry is a follow-up to the message listed below.|
Source Message Contents
Subject: Advisory for Adobe Version Cue 1.x local elevation of privilege|
-----BEGIN PGP SIGNED MESSAGE-----
Advisory for Adobe Version Cue 1.x local elevation of privilege
Advisory Name: Adobe Version Cue 1.x local elevation of privilege
Release Date: May 18, 2005
Product: Adobe Version Cue 1.x (Version Cue Workspace, version 1.0
and version 1.0.1. Version Cue Workspace is a feature of Adobe
Creative Suite, and is included in Adobe Creative Suite 1.0 and 1.3.)
Platform: Macintosh, on all supported revisions of Mac OS X
Vulnerability Identifier: CAN-2005-1307
Overview: A security vulnerability has been detected in a previous
release of Adobe Version Cue, a feature of Adobe Creative Suite, that
only effects computers running Mac OS X. A risk exists on Macintosh
computers running Mac OS X where a Version Cue Workspace is installed
such that if the computer is configured in a certain manner, a local
user can possibly gain administrative rights.
Adobe is making a Required Update available at www.adobe.com
<http://www.adobe.com/> that addresses this problem. This update is
the same for Adobe Creative Suite Standard or Adobe Creative Suite
Effect: If exploited, the local user will have all the rights of the
system administrator including file and application management.
Details: If a computer running Mac OS X is configured for multiple
user accounts, and some users were not given administrative
privileges but have write access to one folder, the vulnerability can
potentially be exploited. This vulnerability cannot be exploited by
users who do not have login accounts on that machine.
Recommendations: If you use Version Cue 1.x, then download the
Required Update from the Adobe website at
www.adobe.com/support/downloads/detail.jsp?ftpID=2932 . The Required
Update amends internal Version Cue Workspace files to address the
vulnerability issue. The Required Update also changes user access
rights for some Version Cue infrastructure files needed by Version
Vulnerability Identifier Cross-Reference: CAN-2005-1307
By using software of Adobe Systems Incorporated or its subsidiaries
("Adobe"); you agree to the following terms and conditions. If you do
not agree with such terms and conditions; do not use the software.
The terms of an end user license agreement accompanying a particular
software file upon installation or download of the software shall
supersede the terms presented below.
The export and re-export of Adobe software products are controlled by
the United States Export Administration Regulations and such software
may not be exported or re-exported to Cuba; Iran; Iraq; Libya; North
Korea; Sudan; or Syria or any country to which the United States
embargoes goods. In addition; Adobe software may not be distributed
to persons on the Table of Denial Orders; the Entity List; or the
List of Specially Designated Nationals.
By downloading or using an Adobe software product you are certifying
that you are not a national of Cuba; Iran; Iraq; Libya; North Korea;
Sudan; or Syria or any country to which the United States embargoes
goods and that you are not a person on the Table of Denial Orders;
the Entity List; or the List of Specially Designated Nationals.
If the software is designed for use with an application software
product (the "Host Application") published by Adobe; Adobe grants you
a non-exclusive license to use such software with the Host
Application only; provided you possess a valid license from Adobe for
the Host Application. Except as set forth below; such software is
licensed to you subject to the terms and conditions of the End User
License Agreement from Adobe governing your use of the Host
DISCLAIMER OF WARRANTIES: YOU AGREE THAT ADOBE HAS MADE NO EXPRESS
WARRANTIES TO YOU REGARDING THE SOFTWARE AND THAT THE SOFTWARE IS
BEING PROVIDED TO YOU "AS IS" WITHOUT WARRANTY OF ANY KIND. ADOBE
DISCLAIMS ALL WARRANTIES WITH REGARD TO THE SOFTWARE; EXPRESS OR
IMPLIED; INCLUDING; WITHOUT LIMITATION; ANY IMPLIED WARRANTIES OF
FITNESS FOR A PARTICULAR PURPOSE; MERCHANTABILITY; MERCHANTABLE
QUALITY OR NONINFRINGEMENT OF THIRD PARTY RIGHTS. Some states or
jurisdictions do not allow the exclusion of implied warranties; so
the above limitations may not apply to you.
LIMIT OF LIABILITY: IN NO EVENT WILL ADOBE BE LIABLE TO YOU FOR ANY
LOSS OF USE; INTERRUPTION OF BUSINESS; OR ANY DIRECT; INDIRECT;
SPECIAL; INCIDENTAL; OR CONSEQUENTIAL DAMAGES OF ANY KIND (INCLUDING
LOST PROFITS) REGARDLESS OF THE FORM OF ACTION WHETHER IN CONTRACT;
TORT (INCLUDING NEGLIGENCE); STRICT PRODUCT LIABILITY OR OTHERWISE;
EVEN IF ADOBE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Some states or jurisdictions do not allow the exclusion or limitation
of incidental or consequential damages; so the above limitation or
exclusion may not apply to you.
Adobe, the Adobe logo, and Version Cue are either registered
trademarks or trademarks of Adobe Systems Incorporated in the United
States and/or other countries. Apple, Macintosh and Mac are
trademarks of Apple Computer, Inc., registered in the United States
and other countries. Use of the Required Updater is governed by the
license agreement you agree to before downloading the Required
Updater and the license agreement that came with Adobe Creative
C 2005 Adobe Systems Incorporated. All rights reserved. Document
date: May 18, 2005.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
Comment: Adobe Product Security Management
-----END PGP SIGNATURE-----