MitreCVE-2002-0658CVE-2002-0658
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
29.4%
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ossp | mm | 1.0.0 | cpe:2.3:a:ossp:mm:1.0.0:*:*:*:*:*:*:* |
| ossp | mm | 1.0.1 | cpe:2.3:a:ossp:mm:1.0.1:*:*:*:*:*:*:* |
| ossp | mm | 1.0.2 | cpe:2.3:a:ossp:mm:1.0.2:*:*:*:*:*:*:* |
| ossp | mm | 1.0.3 | cpe:2.3:a:ossp:mm:1.0.3:*:*:*:*:*:*:* |
| ossp | mm | 1.0.4 | cpe:2.3:a:ossp:mm:1.0.4:*:*:*:*:*:*:* |
| ossp | mm | 1.0.5 | cpe:2.3:a:ossp:mm:1.0.5:*:*:*:*:*:*:* |
| ossp | mm | 1.0.6 | cpe:2.3:a:ossp:mm:1.0.6:*:*:*:*:*:*:* |
| ossp | mm | 1.0.7 | cpe:2.3:a:ossp:mm:1.0.7:*:*:*:*:*:*:* |
| ossp | mm | 1.0.8 | cpe:2.3:a:ossp:mm:1.0.8:*:*:*:*:*:*:* |
| ossp | mm | 1.0.9 | cpe:2.3:a:ossp:mm:1.0.9:*:*:*:*:*:*:* |
References
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-032.0.txt
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
online.securityfocus.com/advisories/4392
rhn.redhat.com/errata/RHSA-2002-153.html
rhn.redhat.com/errata/RHSA-2002-154.html
rhn.redhat.com/errata/RHSA-2002-156.html
rhn.redhat.com/errata/RHSA-2002-164.html
www.debian.org/security/2002/dsa-137
www.iss.net/security_center/static/9719.php
www.linux-mandrake.com/en/security/2002/MDKSA-2002-045.php
www.novell.com/linux/security/advisories/2002_028_mod_ssl.html
www.redhat.com/support/errata/RHSA-2002-163.html
www.redhat.com/support/errata/RHSA-2003-158.html
www.securityfocus.com/bid/5352
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
29.4%