Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: varica~1.txt

VariCAD bad permissions




COMMAND

    VariCAD

SYSTEMS AFFECTED

    VariCAD 7.0

PROBLEM

    'Narrow'  found  following.   VariCAD  is  a  CAD  for  mechanical
    engineering for both 2D and 3D.   VariCAD 7.0 is shipped with  Red
    Hat linux 6.0 Application CD.

    Several  binary  files  and  two  directorys  are world writeable.
    Anyone could  replace them  with a  trojan and  wait until someone
    executes the trojaned binary files.  The binary files:

        /usr/bin/xvcad/dxfin
        /usr/bin/xvcad/igesin
        /usr/bin/xvcad/var_rm

    The directorys:

        /usr/bin/xvcad/glib/*
        /usr/lib/xvcad/*

SOLUTION

    Change the premission of the files and directorys to 755.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH