From mstgil@unt.edu  Wed May 29 07:25:57 1996
Received: from mercury.acs.unt.edu (mercury.acs.unt.edu [129.120.1.1]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id HAA19453; Wed, 29 May 1996 07:25:51 +1000
Received: from sol.acs.unt.edu (sol.acs.unt.edu [129.120.1.42]) by mercury.acs.unt.edu (8.7.1/8.7.1) with ESMTP id QAA17086; Tue, 28 May 1996 16:25:44 -0500 (CDT)
Received: (from mstgil@localhost) by sol.acs.unt.edu (8.7.1/8.7.1) id QAA25750; Tue, 28 May 1996 16:25:43 -0500 (CDT)
Date: Tue, 28 May 1996 16:25:42 -0500 (CDT)
From: "Marc Ph. A. J. St.-Gil - UNIX/VAX Systems Manager" <mstgil@unt.edu>
To: Julian Assange <proff@suburbia.net>
cc: best-of-security@suburbia.net
Subject: Re: BoS: Security problem in ESRI's ArcDoc 7.0.4
In-Reply-To: <199605281845.EAA09194@suburbia.net>
Message-ID: <Pine.SUN.3.91.960528162246.23612I-100000@sol.acs.unt.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Wed, 29 May 1996, Julian Assange wrote:

> Date: Wed, 29 May 1996 04:45:20 +1000
> From: Julian Assange <proff@suburbia.net>
> To: best-of-security@suburbia.net
> Subject: BoS: Security problem in ESRI's ArcDoc 7.0.4
> 
> 
> *** GIS & ESRI/ARC/Info shops take note! ***
> 
> The program "fm_fls" as distributed with ESRI's "ArcDoc" package (7.0.4)
> contains a bug which allows us to (a) add somewhat arbitrary data
> to any file and (b) change the permissions of that file to rw-rw-rw-.
> 
> fm_fls is setuid root.
> 

Ack!  Unless I am mistaken, fm_fls is a viewer for Frame Maker 
documents.  This would seem to indicate that possibly all sites with 
Frame Maker or a product that uses Frame Maker documents and the fm_fls 
viewer as on-line documentation are at risk.

Has anyone contacted Frame about this?

Marc
--
Marc St.-Gil, UNIX Systems Manager         AKA:    The UNIXMeister(tm)
  Academic Computing Services              E-Mail: mstgil@unt.edu
  University of North Texas                Voice:  817/565-3408 FAX: 565-4060
  PO Box 13495, Denton TX, 76203-6495      WWW:    http://www.unt.edu/~mstgil

