J-Security Center

Title: VCasel Filename Trusting Vulnerability

Severity: MODERATE

Description:

Visual CASEL from Computer Power Solutions is a security product for Novell and Windows NT networks. Among other things, it can limit what a user on a network may execute, based on "trusted filenames". Unfortunately, Visual CASEL places all of its trust in the name of the file _only_, rather than in the absolute path and filename of the trusted files that users are allowed to execute. Because of this, a malicious file that should not normally be executable can be run if it carries the filename of a "trusted file". An example follows (summarized from xDeath's Bugtraq post):

A user copies pong.exe to his home directory and attempts to execute it (and is denied).
The user renames pong.exe to write.exe and executes it.

(The trusted entry is the bare filename "write.exe", as opposed to the full path C:\windows\write.exe.)
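
The difference between the two checks, as an added example (not Visual CASEL's code and not from the original advisory): a filename-only allow-list next to one that compares the normalized absolute path. The function names, the policy sets and the `C:\Users\jdoe` home directory are assumptions made for illustration; only `write.exe`, `pong.exe` and `C:\windows\write.exe` come from the advisory.

```python
import ntpath  # Windows path rules, usable on any OS

# Constructed policy data; the advisory names only write.exe.
TRUSTED_NAMES = {"write.exe"}
TRUSTED_PATHS = {r"C:\windows\write.exe"}

# Constructed execution requests (hypothetical home directory).
SAMPLE_REQUESTS = [
    r"C:\Users\jdoe\pong.exe",              # untrusted name
    r"C:\Users\jdoe\write.exe",             # renamed copy of pong.exe
    r"C:\WINDOWS\Write.exe",                # the real trusted file
    r"C:\windows\..\Users\jdoe\write.exe",  # trusted prefix, then '..'
    "write.exe",                            # relative to current directory
]


def _canon(path):
    """Collapse '.' and '..', unify slashes and fold case."""
    return ntpath.normcase(ntpath.normpath(path))


def allowed_by_name(path):
    """Flawed check: trusts the filename only, as the advisory describes."""
    return ntpath.basename(path).lower() in TRUSTED_NAMES


def allowed_by_path(path):
    """Corrected check: the full absolute path must match a trusted entry."""
    if not ntpath.isabs(path):
        return False  # a relative name resolves against the caller's directory
    return _canon(path) in {_canon(p) for p in TRUSTED_PATHS}


def audit(requests):
    """Return requests the name check allows but the path check rejects."""
    return [p for p in requests
            if allowed_by_name(p) and not allowed_by_path(p)]


if __name__ == "__main__":
    for req in SAMPLE_REQUESTS:
        print(f"{req!r:45} name={allowed_by_name(req)} path={allowed_by_path(req)}")
```

String normalization does not resolve links or junctions, and a path-based rule only holds if users cannot write to the trusted directory; comparing a file hash or signature closes both gaps.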

Affected Products:

  • Computer Power Solutions Visual CASEL 3.0.0
  • Computer Power Solutions Visual CASEL 3.5.0
