CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Published: Feb 9, 2005
Updated: Apr 13, 2023
CVE: CVE-2004-0975
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
openssl / openssl	0.9.6i	0.9.6i.x
openssl / openssl	0.9.7c	0.9.7c.x
openssl / openssl	0.9.6d	0.9.6d.x
openssl / openssl	0.9.6	0.9.6.x
openssl / openssl	0.9.6a	0.9.6a.x
openssl / openssl	0.9.6f	0.9.6f.x
openssl / openssl	0.9.6l	0.9.6l.x
openssl / openssl	0.9.6e	0.9.6e.x
openssl / openssl	0.9.7d	0.9.7d.x
openssl / openssl	0.9.6b	0.9.6b.x
openssl / openssl	0.9.6k	0.9.6k.x
openssl / openssl	0.9.6g	0.9.6g.x
openssl / openssl	0.9.6h	0.9.6h.x
openssl / openssl	0.9.6j	0.9.6j.x
mandrakesoft / mandrake_multi_network_firewall	8.2	8.2.x
openssl / openssl	0.9.6c	0.9.6c.x
openssl / openssl	0.9.6m	0.9.6m.x
mandrakesoft / mandrake_linux_corporate_server	2.1	2.1.x
mandrakesoft / mandrake_linux	9.2	9.2.x
mandrakesoft / mandrake_linux	10.1	10.1.x
mandrakesoft / mandrake_linux	10.0	10.0.x
gentoo / linux	-	-

Vulnerability Database

289,599

CVE-2004-0975