1. CVE-Search
  2. CVE-2002-0658
ID CVE-2002-0658
Summary OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
References
Vulnerable Configurations
  • cpe:2.3:a:ossp:mm:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ossp:mm:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ossp:mm:1.1.3:*:*:*:*:*:*:*
CVSS
Base: 6.2 (as of 04-09-2013 - 04:18)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:H/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2002:153
  • rhsa
    id RHSA-2002:154
  • rhsa
    id RHSA-2002:156
  • rhsa
    id RHSA-2002:163
  • rhsa
    id RHSA-2002:164
  • rhsa
    id RHSA-2003:158
refmap via4
bid 5352
bugtraq 20020730 [OpenPKG-SA-2002.007] OpenPKG Security Advisory (mm)
caldera CSSA-2002-032.0
debian DSA-137
freebsd FreeBSD-SN-02:05
hp HPSBTL0208-056
mandrake MDKSA-2002:045
suse SuSE-SA:2002:028
xf mm-tmpfile-symlink(9719)
Last major update 04-09-2013 - 04:18
Published 12-08-2002 - 04:00
Last modified 04-09-2013 - 04:18
Back to Top