mailing list archives
Huge security hole in SDRC IDEAS MS6 cad system.
From: sow () CAD LUTH SE (Sven-Ove Westberg)
Date: Fri, 5 Jun 1998 14:27:44 +0200
I have found a huge security hole with the SDRC's new CAD system IDEAS
Master Series 6. The now use the orbixd as an interface daemon and they
run it as root!! I looked at Internet and found that s they run the daemon
anyone can get root access or access as any user, from anyhost that can
acces the TCP/IP port on the machine.
Here is some references on security ond orbixd.
The CAD system is the main CAD system at many big companies for example
Ford. I have sent out a waring to the mailing list for IDEAS users, we have
also filed a bug report but SDRC seems to ignore the security of their
customers computers since we have not heard any thing from them.
SDRC did not supply you with any documentation on the orbixd just a script
that you should run as ROOT!!! I think that talks for it self.
Other systems may also use the orbixd look out for them.
This is the Orbix.cfg file.
# Below are listed the main orbix environment configuration variables
# and associated default values. An Orbix client, server or daemon will
# use these values if, and only if, the relevant unix environment
# variable is not defined.
# the port number for the Orbix daemon:
# the starting port number for daemon-run servers:
# the full path name of the error messages _file_:
# the full path name of the Implmentation Repository _directory_
# the full path name of the Interface Repository _directory_:
# the full path name of the _directory_ holding the locator files:
Did anyone know if I can run the orbixd under tcpwrapper?
What is the two ports for? Did it listen on two ports?
Sven-Ove Westberg, CAD, University of Lulea, S-971 87 Lulea, Sweden.