The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mandrake_multi_network_firewall | Mandrakesoft | 8.2 (including) | 8.2 (including) |
Openssl | Openssl | 0.9.6 (including) | 0.9.6 (including) |
Openssl | Openssl | 0.9.6a (including) | 0.9.6a (including) |
Openssl | Openssl | 0.9.6b (including) | 0.9.6b (including) |
Openssl | Openssl | 0.9.6c (including) | 0.9.6c (including) |
Openssl | Openssl | 0.9.6d (including) | 0.9.6d (including) |
Openssl | Openssl | 0.9.6e (including) | 0.9.6e (including) |
Openssl | Openssl | 0.9.6f (including) | 0.9.6f (including) |
Openssl | Openssl | 0.9.6g (including) | 0.9.6g (including) |
Openssl | Openssl | 0.9.6h (including) | 0.9.6h (including) |
Openssl | Openssl | 0.9.6i (including) | 0.9.6i (including) |
Openssl | Openssl | 0.9.6j (including) | 0.9.6j (including) |
Openssl | Openssl | 0.9.6k (including) | 0.9.6k (including) |
Openssl | Openssl | 0.9.6l (including) | 0.9.6l (including) |
Openssl | Openssl | 0.9.6m (including) | 0.9.6m (including) |
Openssl | Openssl | 0.9.7c (including) | 0.9.7c (including) |
Openssl | Openssl | 0.9.7d (including) | 0.9.7d (including) |
Openssl | Ubuntu | dapper | * |
Openssl | Ubuntu | devel | * |
Openssl | Ubuntu | edgy | * |
Openssl | Ubuntu | feisty | * |
Openssl097 | Ubuntu | dapper | * |
Openssl097 | Ubuntu | devel | * |
Openssl097 | Ubuntu | edgy | * |
Openssl097 | Ubuntu | feisty | * |
Red Hat Enterprise Linux 3 | RedHat | openssl-0:0.9.7a-33.15 | * |
Red Hat Enterprise Linux 3 | RedHat | openssl096b-0:0.9.6b-16.22.3 | * |
Red Hat Enterprise Linux 4 | RedHat | openssl-0:0.9.7a-43.2 | * |
Red Hat Enterprise Linux 4 | RedHat | openssl096b-0:0.9.6b-22.3 | * |