Launchpad CVE tracker

CVE 2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Related bugs and status

CVE-2004-0975 (Candidate) is related to these bugs:

Bug #10212: der_chop script has file in /tmp security holes

Summary				In	Importance	Status
	10212	der_chop script has file in /tmp security holes		openssl (Ubuntu)	High	Fix Released
	10212	der_chop script has file in /tmp security holes		openssl (Debian)	Unknown	Fix Released

Bug #10291: c_rehash uses /usr/local/bin/perl (Re: ca-certificates)

Summary				In	Importance	Status
	10291	c_rehash uses /usr/local/bin/perl (Re: ca-certificates)		openssl (Ubuntu)	High	Fix Released
	10291	c_rehash uses /usr/local/bin/perl (Re: ca-certificates)		openssl (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

DEBIAN: DSA-603
GENTOO: GLSA-200411-15
TRUSTIX: 2004-0050
CONFIRM: http://bugzilla.redhat...
BID: 11293
SECUNIA: 12973
REDHAT: RHSA-2005:476
XF: script-temporary-file-...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2004-0975

Related bugs and status

Related bugs

References