LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

openssl: der_chop script temp file vulnerability

Package(s):openssl CVE #(s):CAN-2004-0975
Created:November 11, 2004 Updated:July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under.
Alerts:
Ubuntu USN-24-1 2004-11-11
Debian DSA-603-1 2004-12-01
Mandrake MDKSA-2004:147 2004-12-06
Fedora-Legacy FLSA:152841 2005-07-15
(Log in to post comments)

openssl: der_chop script temp file vulnerability

Posted Jul 28, 2005 8:00 UTC (Thu) by mjc@redhat.com (guest, #2303) [Link]

Fixed by RHSA-2005:476 on 20050601

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.