CVE-2002-0658

OSSP mm <1.2.0 - Privilege Escalation

Title source: llm

Description

OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Sebastian Krahmer · clocallinux

https://www.exploit-db.com/exploits/21667

View Code ZIP pw:eip

References (14)

[Various Sources] ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2003-158.html

[Third Party Advisory] http://www.iss.net/security_center/static/9719.php

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2002-163.html

[Various Sources] ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-032.0.txt

[Patch, Vendor Advisory] http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-045.php

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/advisories/4392

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2002-164.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2002-156.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2002-154.html

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2002-153.html

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2002_028_mod_ssl.html

[Third Party Advisory] http://www.debian.org/security/2002/dsa-137

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5352

Scores

EPSS 0.0148

EPSS Percentile 81.1%

Details

Status published

Products (17)

ossp/mm 1.0.0

ossp/mm 1.0.1

ossp/mm 1.0.2

ossp/mm 1.0.3

ossp/mm 1.0.4

ossp/mm 1.0.5

ossp/mm 1.0.6

ossp/mm 1.0.7

ossp/mm 1.0.8

ossp/mm 1.0.9

... and 7 more

Published Aug 12, 2002

Tracked Since Feb 18, 2026