Multisoft FlagShip 4.4 - Installation Permission

Author: Narrow
type: local
platform: linux
port: 
date_added: 2000-08-10 
date_updated: 2012-08-01 
verified: 1 
codes: CVE-2000-0721;OSVDB-13722 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/1586/info

A vulnerability exists in the installation of Multisoft's FlagShip 4.4 product. Some binaries are installed with world writable permissions. This may allow an attacker to alter a binary and cause other users to execute arbitrary code.

The files:
/usr/bin/FSserial
/usr/bin/FlagShip_c
/usr/bin/FlagShip_p

are world writable.