Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Security Update: [CSSA-2002-032.0] Linux: temporary file races in libmm
From: full-disclosure () lists netsys com (full-disclosure () lists netsys com)
Date: Tue, 30 Jul 2002 18:20:54 -0700


--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com full-disclosure () 
lists netsys com

______________________________________________________________________________

                Caldera International, Inc.  Security Advisory

Subject:                Linux: temporary file races in libmm
Advisory number:        CSSA-2002-032.0
Issue date:             2002 July 30
Cross reference:
______________________________________________________________________________


1. Problem Description

        The OSSP mm library (libmm) allows a local Apache user to gain
        privileges via temporary files, possibly via a symbolic link.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to apache-1.3.22-6.2.i386.rpm
                                        prior to apache-devel-1.3.22-6.2.i386.rpm
                                        prior to apache-doc-1.3.22-6.2.i386.rpm
                                        prior to mm-1.1.3-6.i386.rpm
                                        prior to mm-devel-1.1.3-6.i386.rpm
                                        prior to mm-devel-static-1.1.3-6.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to apache-1.3.22-6.2.i386.rpm
                                        prior to apache-devel-1.3.22-6.2.i386.rpm
                                        prior to apache-doc-1.3.22-6.2.i386.rpm
                                        prior to mm-1.1.3-6.i386.rpm
                                        prior to mm-devel-1.1.3-6.i386.rpm
                                        prior to mm-devel-static-1.1.3-6.i386.rpm

        OpenLinux 3.1 Server            prior to apache-1.3.22-6.2.i386.rpm
                                        prior to apache-devel-1.3.22-6.2.i386.rpm
                                        prior to apache-doc-1.3.22-6.2.i386.rpm
                                        prior to mm-1.1.3-6.i386.rpm
                                        prior to mm-devel-1.1.3-6.i386.rpm
                                        prior to mm-devel-static-1.1.3-6.i386.rpm

        OpenLinux 3.1 Workstation       prior to apache-1.3.22-6.2.i386.rpm
                                        prior to apache-devel-1.3.22-6.2.i386.rpm
                                        prior to apache-doc-1.3.22-6.2.i386.rpm
                                        prior to mm-1.1.3-6.i386.rpm
                                        prior to mm-devel-1.1.3-6.i386.rpm
                                        prior to mm-devel-static-1.1.3-6.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-032.0/RPMS

        4.2 Packages

        288b4b7f04fd6f86c57a37600445fad2        apache-1.3.22-6.2.i386.rpm
        0fb7cb950273fa4033c9b3e7ae0c866c        apache-devel-1.3.22-6.2.i386.rpm
        58b2239773abb64736cdae47e974f5bd        apache-doc-1.3.22-6.2.i386.rpm
        e90244e70b6637fd4a6e0b996790027e        mm-1.1.3-6.i386.rpm
        12beafe3a80add0b0d259f3862618888        mm-devel-1.1.3-6.i386.rpm
        bbe13db9994ae59d6a9e02e82d767bb9        mm-devel-static-1.1.3-6.i386.rpm

        4.3 Installation

        rpm -Fvh apache-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-devel-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-doc-1.3.22-6.2.i386.rpm
        rpm -Fvh mm-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-static-1.1.3-6.i386.rpm

        4.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-032.0/SRPMS

        4.5 Source Packages

        3f1508fed9c5a7120e948d2f23fa5a07        apache-1.3.22-6.2.src.rpm
        9437d47263c28b7efc3fa32fd0b7e2bf        mm-1.1.3-6.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-032.0/RPMS

        5.2 Packages

        5d88563f7a3f648cd0ba177866b4c7f4        apache-1.3.22-6.2.i386.rpm
        a91ea79523076fa7f71f008242455c74        apache-devel-1.3.22-6.2.i386.rpm
        5ef1e68029253f18df3a86243f43b38e        apache-doc-1.3.22-6.2.i386.rpm
        a9380214993caaf1664390d6107a9d99        mm-1.1.3-6.i386.rpm
        9dce92bf81c56f29222e7f686f156463        mm-devel-1.1.3-6.i386.rpm
        4f36db29f5eb08fec4a9ee5074e6731a        mm-devel-static-1.1.3-6.i386.rpm

        5.3 Installation

        rpm -Fvh apache-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-devel-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-doc-1.3.22-6.2.i386.rpm
        rpm -Fvh mm-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-static-1.1.3-6.i386.rpm

        5.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-032.0/SRPMS

        5.5 Source Packages

        b9ccef42f9e9878381532b4959f52f2a        apache-1.3.22-6.2.src.rpm
        bd8d1a94fa5ca11a87a64580d9e82bcc        mm-1.1.3-6.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-032.0/RPMS

        6.2 Packages

        a93ed3ebd0aa817d400160468c3fe3a1        apache-1.3.22-6.2.i386.rpm
        58d3e98367b84159223bac4b69b1bdd6        apache-devel-1.3.22-6.2.i386.rpm
        ec2c93fa309fe29a90f593da3db71af8        apache-doc-1.3.22-6.2.i386.rpm
        3391fb0b8505b0ec0c3c8f3370508fc9        mm-1.1.3-6.i386.rpm
        c72a0338d81452ab4932b6c1de82f0cc        mm-devel-1.1.3-6.i386.rpm
        4471799937497c53c5d4ccde411a64fe        mm-devel-static-1.1.3-6.i386.rpm

        6.3 Installation

        rpm -Fvh apache-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-devel-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-doc-1.3.22-6.2.i386.rpm
        rpm -Fvh mm-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-static-1.1.3-6.i386.rpm

        6.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-032.0/SRPMS

        6.5 Source Packages

        4895bc8f8bf5567a467332a7ff129492        apache-1.3.22-6.2.src.rpm
        4a0cd7bdf6a7d6ebe769a96e0e25a83c        mm-1.1.3-6.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-032.0/RPMS

        7.2 Packages

        ab902357aade4b77427442c6cef70510        apache-1.3.22-6.2.i386.rpm
        8bf8a482b851db023e8a8942e25321e7        apache-devel-1.3.22-6.2.i386.rpm
        114f59b93d19be1cdb95087f8a17d9ce        apache-doc-1.3.22-6.2.i386.rpm
        c060a276958dd1b376b93512d0522fdf        mm-1.1.3-6.i386.rpm
        7e878f082b49816f76c1e7949128c85b        mm-devel-1.1.3-6.i386.rpm
        665f6d290d6df6594077df97df4d892f        mm-devel-static-1.1.3-6.i386.rpm

        7.3 Installation

        rpm -Fvh apache-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-devel-1.3.22-6.2.i386.rpm
        rpm -Fvh apache-doc-1.3.22-6.2.i386.rpm
        rpm -Fvh mm-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-1.1.3-6.i386.rpm
        rpm -Fvh mm-devel-static-1.1.3-6.i386.rpm

        7.4 Source Package Location

        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-032.0/SRPMS

        7.5 Source Packages

        b0ae3b8ddbd4d09f7fb312cf14a1db8c        apache-1.3.22-6.2.src.rpm
        94367d892d24215d3e1b6581c1b4e8d3        mm-1.1.3-6.src.rpm


8. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0658
                http://www.ossp.org/pkg/lib/mm/

        Caldera security resources:
                http://www.caldera.com/support/security/index.html

        This security fix closes Caldera incidents sr867252, fz525663,
        erg501638.


9. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on this website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera products.


10. Acknowledgements

        Sebastian Krahmer and Marcus Meissner discovered and
        researched this vulnerability.

______________________________________________________________________________

--CE+1k2dSO48ffgeK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj1HO3UACgkQbluZssSXDTFepQCeMTfVEf2QMgxLZBkKgE/jUyQV
gRkAnRGA8Y9SqbmTbONWLvome9q1r/oe
=UCsx
-----END PGP SIGNATURE-----

--CE+1k2dSO48ffgeK--


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault