CVE Vulnerabilities


Published: Feb 09, 2005 | Modified: Oct 11, 2017
CVSS 3.x
CVSS 2.x
2.1 LOW

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Affected Software

Name Vendor Start Version End Version
Mandrake_multi_network_firewall Mandrakesoft 8.2 8.2
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.6b 0.9.6b
Openssl Openssl 0.9.6c 0.9.6c
Openssl Openssl 0.9.6d 0.9.6d
Openssl Openssl 0.9.6e 0.9.6e
Openssl Openssl 0.9.6f 0.9.6f
Openssl Openssl 0.9.6g 0.9.6g
Openssl Openssl 0.9.6h 0.9.6h
Openssl Openssl 0.9.6i 0.9.6i
Openssl Openssl 0.9.6j 0.9.6j
Openssl Openssl 0.9.6k 0.9.6k
Openssl Openssl 0.9.6l 0.9.6l
Openssl Openssl 0.9.6m 0.9.6m
Openssl Openssl 0.9.7c 0.9.7c
Openssl Openssl 0.9.7d 0.9.7d
Red Hat Enterprise Linux 3 RedHat openssl-0:0.9.7a-33.15 *
Red Hat Enterprise Linux 3 RedHat openssl096b-0:0.9.6b-16.22.3 *
Red Hat Enterprise Linux 4 RedHat openssl-0:0.9.7a-43.2 *
Red Hat Enterprise Linux 4 RedHat openssl096b-0:0.9.6b-22.3 *
Openssl Ubuntu dapper *
Openssl Ubuntu devel *
Openssl Ubuntu edgy *
Openssl Ubuntu feisty *
Openssl097 Ubuntu dapper *
Openssl097 Ubuntu devel *
Openssl097 Ubuntu edgy *
Openssl097 Ubuntu feisty *