Multisoft FlagShip 4.4 - Installation Permission



EKU-ID: 25722 CVE: CVE-2000-0721;OSVDB-13722 OSVDB-ID:
Author: Narrow Published: 2000-08-10 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/1586/info

A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause other users to execute arbitrary code.

The files:
/usr/bin/FSserial
/usr/bin/FlagShip_c
/usr/bin/FlagShip_p

are world writable.