LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

openssl: der_chop script temp file vulnerability

Package(s):openssl CVE #(s):CAN-2004-0975
Created:November 11, 2004 Updated:July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under.
Alerts:
Fedora-Legacy FLSA:152841 2005-07-15
Mandrake MDKSA-2004:147 2004-12-06
Debian DSA-603-1 2004-12-01
Ubuntu USN-24-1 2004-11-11
(Log in to post comments)

openssl: der_chop script temp file vulnerability

Posted Jul 28, 2005 8:00 UTC (Thu) by mjc@redhat.com (guest, #2303) [Link]

Fixed by RHSA-2005:476 on 20050601

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds