|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
dd
sucuri.net
Date: Wed Jan 06 2010 - 09:07:07 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Have anyone noticed that the files created by the VMware server
installer all have the 777 permissions
to it?
I just installed it on two systems with the same problem....
These are the alerts coming from ossec (the whole /usr/lib/vmware is 777):
File '/usr/lib/vmware/hostd/docroot/print.css' is owned by root and
has written permissions to anyone.
File '/usr/lib/vmware/hostd/docroot/client/clients.xml' is owned by
root and has written permissions to anyone.
File '/usr/lib/vmware/hostd/docroot/sdk/vim.wsdl' is owned by root and
has written permissions to anyone.
.. more hundred files...
File '/usr/lib/vmware/hostd/docroot/sdk/vimServiceVersions.xml' is
owned by root and has written permissions to anyone.
File '/usr/lib/vmware/hostd/docroot/error-32x32.png' is owned by root
and has written permissions to anyone.
Link to it:
http://blog.sucuri.net/2010/01/vmware-insecure-file-creation.html
--dd
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]