J-Security Center

Title: Apache /tmp File Race Vulnerability

Severity: MODERATE

Description:

Apache web server is a popular HTTP daemon, distributed with many variants of the UNIX operating system and maintained by the Apache Project. Immunix is a hardened Linux distribution maintained by the Immunix team at the WireX Corporation.

A problem has been discovered in the Apache httpd distributed with the Immunix Linux distribution, a distribution based on RedHat Linux. The Apache helper programs htdigest and htpasswd are used to offer advanced features to users of the web server. However, these two helper programs create files in the /tmp directory insecurely, with names that can be guessed. This makes it possible for a malicious local user to mount a symlink attack against files writable by the UID of the Apache process.
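As an added illustration (not part of the advisory and not Apache's own code), the C fragment below contrasts the bug class with its fix: open(2) with O_CREAT|O_EXCL|O_NOFOLLOW so that anything already sitting at the expected path, a symlink included, is refused, and mkstemp(3) for an unguessable name. The directory and file names it uses are constructed for the self-check.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* The advisory's bug class: a predictable /tmp name opened with O_CREAT but
 * no O_EXCL follows a symlink somebody placed there first, so the helper
 * clobbers the link target.  O_EXCL makes creation atomic (EEXIST if anything
 * already sits at the path, symlink included); O_NOFOLLOW refuses links. */
int open_tmp_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* mkstemp() supplies the other half of the fix, an unguessable name, and uses
 * O_EXCL internally.  The template must end in "XXXXXX" and is rewritten in
 * place.  After opening, fstat() confirms a plain file with a single link. */
int open_tmp_mkstemp(char *template_path) {
    int fd = mkstemp(template_path);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd); unlink(template_path); return -1;
    }
    return fd;
}

/* Regression check in a private directory: a dangling symlink sits at the
 * predictable name; the exclusive opener must refuse it with EEXIST while
 * mkstemp() still hands back a usable file.  Returns 1 on success. */
int demo_check(void) {
    char dir[] = "/tmp/htpasswd-demo-XXXXXX";             /* constructed */
    if (!mkdtemp(dir)) return 0;
    char link_path[128], tmpl[128];
    snprintf(link_path, sizeof link_path, "%s/htpasswd.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/htpasswd.XXXXXX", dir);
    int ok = 0;
    if (symlink("/nonexistent-target", link_path) == 0) {
        int fd = open_tmp_exclusive(link_path);
        int refused = (fd < 0 && errno == EEXIST);
        if (fd >= 0) close(fd);
        int sfd = open_tmp_mkstemp(tmpl);
        ok = refused && sfd >= 0;
        if (sfd >= 0) { close(sfd); unlink(tmpl); }
        unlink(link_path);
    }
    rmdir(dir);
    return ok;
}
```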

Affected Products:

  • Apache Software Foundation Apache 1.3.11
  • Apache Software Foundation Apache 1.3.12
  • Apache Software Foundation Apache 1.3.14
  • Apache Software Foundation Apache 1.3.9
  • Apache Software Foundation Apache 2.0.0
  • Apache Software Foundation Apache 2.0.0 a9
  • Debian Linux 2.2.0
  • Debian Linux 2.2.0 68k
  • Debian Linux 2.2.0 alpha
  • Debian Linux 2.2.0 arm
  • Debian Linux 2.2.0 powerpc
  • Debian Linux 2.2.0 sparc
  • EnGarde Secure Linux 1.0.1
  • MandrakeSoft Linux Mandrake 7.1.0
  • MandrakeSoft Linux Mandrake 7.2.0
  • Netscreen NetScreen-Global PRO Express Policy Manager Server
  • Netscreen NetScreen-Global PRO Policy Manager Server
  • OpenBSD OpenBSD 2.8.0
  • RedHat Linux 6.2.0 alpha
  • RedHat Linux 6.2.0 i386
  • RedHat Linux 6.2.0 sparc
  • RedHat Linux 7.0.0
  • RedHat Linux 7.0.0 alpha
  • RedHat Linux 7.0.0 i386
  • S.u.S.E. Linux 7.0.0
  • S.u.S.E. Linux 7.0.0 sparc
  • SGI IRIX 6.5.0
  • SGI IRIX 6.5.1
  • SGI IRIX 6.5.10
  • SGI IRIX 6.5.11
  • SGI IRIX 6.5.2
  • SGI IRIX 6.5.3
  • SGI IRIX 6.5.4
  • SGI IRIX 6.5.5
  • SGI IRIX 6.5.6
  • SGI IRIX 6.5.7
  • SGI IRIX 6.5.8
  • SGI IRIX 6.5.9
  • Sun Cobalt ManageRaQ v2 3599BD
  • Sun Cobalt Qube3 4000WG
  • Sun Cobalt RaQ XTR 3500R
  • Sun Cobalt RaQ4 3001R
  • Sun Solaris 8
  • Sun Solaris 8_x86
  • Sun SunOS 5.8.0
  • Sun SunOS 5.8.0 _x86
  • WireX Immunix OS 7.0.0 -Beta
