----- Forwarded message from Narrow <[EMAIL PROTECTED]> ----- > From: Narrow <[EMAIL PROTECTED]> > Reply-To: Narrow <[EMAIL PROTECTED]> > X-Mailer: Privacyx.com Anonymous Certificate Authority > Date: Thu, 10 Aug 2000 19:53:25 +0300 > To: [EMAIL PROTECTED] > Subject: VariCAD 7.0 premission vulnerability > > _________________________________________________________________________________ > > Content-Type: premission/vulnerability > Date : 10/08/2000 18:34 > Sender : Narrow <[EMAIL PROTECTED]> > Subject : VariCAD 7.0 premission vulnerability > X-System : Red Hat 6.0 > X-Status : Narrow-ADV-#07 > _________________________________________________________________________________ > > DESCRIPTION > VariCAD is a CAD for mechanical engineering for both 2D and 3D. > VariCAD 7.0 is shipped with Red Hat linux 6.0 Application CD. > > PROBLEM > Several binary files and two directorys are world writeable. > Anyone could replace them with a trojan and wait until someone > executes the trojaned binary files. > > The binary files: > /usr/bin/xvcad/dxfin > /usr/bin/xvcad/igesin > /usr/bin/xvcad/var_rm > > The directorys: > /usr/bin/xvcad/glib/* > /usr/lib/xvcad/* > > SOLUTION > Change the premission of the files and directorys to 755. > > -- > Narrow - [EMAIL PROTECTED] - http://www.zone.ee/unix/ > > bash# ./win.com > Segmental fault > > ----- End forwarded message ----- -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
