Lycoris Desktop/LX is an operating system designed with ease of use in
mind. Desktop/LX loads ready for Internet access, office productivity,
multimedia, entertainment, and more.
A locally exploitable vulnerability exists in Lycoris Desktop/LX that
can lead to execution of arbitrary code with elevated privileges. The
vulnerability specifically exists due to insecure world writable file
permissions on the /usr/share/RedmondLinux/HTML/control/ directory. The
directory contains the files used in the Lycoris Control Center
application. An attacker can modify the index.html file to cause users
accessing the Control Center to execute arbitrary code.
-rw-rw-rw- 1 root users 4712 Apr 21 15:29 index.html
A local attacker can leverage the vulnerability to cause privileged
users to execute arbitrary code. The features of the Control Center
commonly require the user to be root to perform the functions available,
increasing the chances for success with this attack.
Lycoris Desktop/LX build 46, installed from cd1_en_binary.iso with
md5sum 2d3e4f7bb050ea0e04ea462d7d46d8f is known to be vulnerable to
this issue. Previous versions are likely susceptible as well.
Change the permissions on /usr/share/RedmondLinux/HTML/control/ and the
underlying files to restrict group level access.
A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not
been assigned yet.
09/24/2003 Initial vendor notification
10/24/2003 Public Disclosure
Knud Erik Hojgaard is credited with this discovery.
Get paid for vulnerability research
Copyright © 2004 Verisign, Inc.
Permission is granted for the redistribution of this alert
electronically. It may not be edited in any way without the express
written consent of iDEFENSE. If you wish to reprint the whole or any
part of this alert in any other medium other than electronically, please
email firstname.lastname@example.org for permission.
Disclaimer: The information in the advisory is believed to be accurate
at the time of publishing based on currently available information. Use
of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the
author nor the publisher accepts any liability for any direct, indirect,
or consequential loss or damage arising from use of, or reliance on,