2.1

CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenSSLOpenSSL Version0.9.6
OpenSSLOpenSSL Version0.9.6a
OpenSSLOpenSSL Version0.9.6b
OpenSSLOpenSSL Version0.9.6c
OpenSSLOpenSSL Version0.9.6d
OpenSSLOpenSSL Version0.9.6e
OpenSSLOpenSSL Version0.9.6f
OpenSSLOpenSSL Version0.9.6g
OpenSSLOpenSSL Version0.9.6h
OpenSSLOpenSSL Version0.9.6i
OpenSSLOpenSSL Version0.9.6j
OpenSSLOpenSSL Version0.9.6k
OpenSSLOpenSSL Version0.9.6l
OpenSSLOpenSSL Version0.9.6m
OpenSSLOpenSSL Version0.9.7c
OpenSSLOpenSSL Version0.9.7d
MandrakesoftMandrake Linux Version9.2
MandrakesoftMandrake Linux Version9.2 Editionamd64
MandrakesoftMandrake Linux Version10.0
MandrakesoftMandrake Linux Version10.0 Editionamd64
MandrakesoftMandrake Linux Version10.1
MandrakesoftMandrake Linux Version10.1 Editionx86_64
MandrakesoftMandrake Linux Corporate Server Version2.1 Editionx86_64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.33
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.trustix.org/errata/2004/0050
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302
http://secunia.com/advisories/12973
http://www.debian.org/security/2004/dsa-603
http://www.redhat.com/support/errata/RHSA-2005-476.html
http://www.securityfocus.com/bid/11293
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10621
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A164