Debian DSA-137-1 : mm - insecure temporary files

medium Nessus Plugin ID 14974

Synopsis

The remote Debian host is missing a security-related update.

Description

Marcus Meissner and Sebastian Krahmer discovered and fixed a temporary file vulnerability in the mm shared memory library. This problem can be exploited to gain root access to a machine running Apache which is linked against this library, if shell access to the user 'www-data' is already available (which could easily be triggered through PHP).

Solution

Upgrade the libmm packages immediately and restart the Apache server.

This problem has been fixed in the upstream version 1.2.0 of mm, which will be uploaded to the unstable Debian distribution while this advisory is released. Fixed packages for potato (Debian 2.2) and woody (Debian 3.0) are linked below.

See Also

http://www.debian.org/security/2002/dsa-137

Plugin Details

Severity: Medium

ID: 14974

File Name: debian_DSA-137.nasl

Version: 1.18

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.2

Temporal Score: 5.1

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:3.0, cpe:/o:debian:debian_linux:2.2, p-cpe:/a:debian:debian_linux:mm

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/30/2002

Reference Information

CVE: CVE-2002-0658

BID: 5352

DSA: 137