Bugtraq mailing list archives
FlagShip v4.48.7449 premission vulnerability
From: Narrow <nss () PRIVACYX COM>
Date: Thu, 10 Aug 2000 19:53:27 +0300
_________________________________________________________________________________ Content-Type: premission/vulnerability Date : 09/08/2000 16:05 Sender : Narrow <nss () privacyx com> Subject : FlagShip v4.48.7449 premission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-#08 _________________________________________________________________________________ DESCRIPTION FlagShip is a cross-platform database development system, fully compatible to Clipper, handles also other xBase dialects. FlagShip is shipped with Red Hat linux 6.0 Application CD. PROBLEM Several binary files are world writeable. Anyone could replace them with a trojan and trick someone to execute the trojaned binary files. The binary files: /usr/bin/FSserial /usr/bin/FlagShip_c /usr/bin/FlagShip_p SOLUTION Change the premission of the binary files to 755. -- Narrow - nss () privacyx com - http://www.zone.ee/unix/ bash# ./win.com Segmental fault
Current thread:
- FlagShip v4.48.7449 premission vulnerability Narrow (Aug 11)