Debian Security Advisory

DSA-137-1 mm -- insecure temporary files

Date Reported:
30 Jul 2002
Affected Packages:
mm
Vulnerable:
Yes
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 5352.
In Mitre's CVE dictionary: CVE-2002-0658.
More information:

Marcus Meissner and Sebastian Krahmer discovered and fixed a temporary file vulnerability in the mm shared memory library. This problem can be exploited to gain root access to a machine running Apache which is linked against this library, if shell access to the user “www-data” is already available (which could easily be triggered through PHP).

This problem has been fixed in the upstream version 1.2.0 of mm, which will be uploaded to the unstable Debian distribution at the same time this advisory is released. Fixed packages for potato (Debian 2.2) and woody (Debian 3.0) are linked below.

We recommend that you upgrade your libmm packages immediately and restart your Apache server.
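The bug class behind this advisory is a temporary file created under a guessable name without refusing whatever already sits at that path. The C below is an added example written for this page; it is neither mm's code nor the fix by Meissner and Krahmer, and the function names, the `dsa137-demo` prefix and the use of `/tmp` are this example's own choices. It shows the defensive pattern: create the file with `mkstemp` (which opens with `O_CREAT|O_EXCL` and a random suffix), verify through `fstat` on the descriptor that the result is a fresh private regular file owned by the caller, and, where a fixed name is unavoidable, open it with `O_EXCL|O_NOFOLLOW` so a pre-placed file or symlink is never followed.

```c
/* Added example: secure temporary-file creation in C.
 * Not code from mm or from this advisory's fix; names are this example's own. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_NOFOLLOW
#define O_NOFOLLOW 0 /* platform lacks it; O_EXCL alone still refuses a pre-existing entry */
#endif

/* Returns 1 if fd refers to a regular file with one link, owned by the
 * caller, and not readable or writable by anyone else. Verify this on the
 * descriptor after creation instead of trusting the path name. */
int fd_is_private_regular(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return 0;
    return S_ISREG(st.st_mode)
        && st.st_nlink == 1
        && st.st_uid == geteuid()
        && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Creates "<dir>/<prefix>.XXXXXX" atomically with a random suffix and mode 0600.
 * On success writes the chosen path into `path` and returns the open fd; -1 on error. */
int open_private_tmpfile(char *path, size_t pathlen, const char *dir, const char *prefix)
{
    int n = snprintf(path, pathlen, "%s/%s.XXXXXX", dir, prefix);
    if (n < 0 || (size_t)n >= pathlen)
        return -1;
    mode_t old = umask(S_IRWXG | S_IRWXO); /* force 0600 regardless of the caller's umask */
    int fd = mkstemp(path);                 /* uses O_CREAT|O_EXCL internally */
    umask(old);
    if (fd < 0)
        return -1;
    if (!fd_is_private_regular(fd)) {       /* never trust the name, check the fd */
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;
}

/* For a fixed, non-random name: refuse anything already present at the path
 * (O_EXCL) and never follow a symlink (O_NOFOLLOW). Returns fd, or -1 with
 * errno set; errno == EEXIST means something was already there. */
int open_fixed_name_safely(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Exercises both functions against a constructed file under /tmp.
 * Returns 0 when every check holds, otherwise the number of the failed step. */
int run_demo(void)
{
    char path[256];
    int fd = open_private_tmpfile(path, sizeof path, "/tmp", "dsa137-demo");
    if (fd < 0)
        return 1;
    if (!fd_is_private_regular(fd)) {
        close(fd);
        unlink(path);
        return 2;
    }
    /* The name now exists, so a second exclusive create must fail with EEXIST.
     * That refusal is exactly what an insecure opener lacks. */
    int again = open_fixed_name_safely(path);
    int refused = (again < 0 && errno == EEXIST);
    if (again >= 0)
        close(again);
    close(fd);
    unlink(path);
    return refused ? 0 : 3;
}

int main(void)
{
    int rc = run_demo();
    printf("%s\n", rc == 0 ? "private temp file checks passed" : "check failed");
    return rc;
}
```

The important design point is that the security property lives in the descriptor, not the name: `mkstemp` guarantees the file did not exist an instant before, and `fd_is_private_regular` confirms what was actually opened, so a world-writable directory such as `/tmp` cannot redirect the write to a file the attacker controls.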

Fixed in:

Debian GNU/Linux 2.2 (potato)

Source:
http://security.debian.org/pool/updates/main/m/mm/mm_1.0.11-1.2.dsc
http://security.debian.org/pool/updates/main/m/mm/mm_1.0.11.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mm/mm_1.0.11-1.2.diff.gz
Alpha:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_alpha.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_arm.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_arm.deb
Intel ia32:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_i386.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_i386.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_m68k.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_m68k.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_powerpc.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_powerpc.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/m/mm/libmm10_1.0.11-1.2_sparc.deb
http://security.debian.org/pool/updates/main/m/mm/libmm10-dev_1.0.11-1.2_sparc.deb

Debian GNU/Linux 3.0 (woody)

Source:
http://security.debian.org/pool/updates/main/m/mm/mm_1.1.3-6.1.dsc
http://security.debian.org/pool/updates/main/m/mm/mm_1.1.3.orig.tar.gz
http://security.debian.org/pool/updates/main/m/mm/mm_1.1.3-6.1.diff.gz
Alpha:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_alpha.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_alpha.deb
ARM:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_arm.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_arm.deb
Intel ia32:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_i386.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_i386.deb
Intel ia64:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_ia64.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_ia64.deb
HP Precision:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_hppa.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_hppa.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_m68k.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_m68k.deb
Big endian MIPS:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_mips.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_mips.deb
Little endian MIPS:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_mipsel.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_powerpc.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_powerpc.deb
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_s390.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/m/mm/libmm11_1.1.3-6.1_sparc.deb
http://security.debian.org/pool/updates/main/m/mm/libmm11-dev_1.1.3-6.1_sparc.deb

MD5 checksums of the listed files are available in the original advisory.