CVE-2004-0975

Published: Feb 9, 2005Modified: Apr 16, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

Affected (26)

Products: Mandrakesoft: Mandrake Multi Network Firewall, Mandrake Linux, Mandrake Linux Corporate Server · Openssl: Openssl · Gentoo: Linux

Mandrakesoft

3 products

Mandrake Multi Network Firewall

Mandrake Linux

Mandrake Linux Corporate Server

1 product

1 product

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Mandrakesoft Mandrake Multi Network Firewall	Version 8.2
Openssl Openssl	Version 0.9.6
Openssl Openssl	Version 0.9.6a
Openssl Openssl	Version 0.9.6b
Openssl Openssl	Version 0.9.6c
Openssl Openssl	Version 0.9.6d
Openssl Openssl	Version 0.9.6e
Openssl Openssl	Version 0.9.6f
Openssl Openssl	Version 0.9.6g
Openssl Openssl	Version 0.9.6h
Openssl Openssl	Version 0.9.6i
Openssl Openssl	Version 0.9.6j
Openssl Openssl	Version 0.9.6k
Openssl Openssl	Version 0.9.6l
Openssl Openssl	Version 0.9.6m
Openssl Openssl	Version 0.9.7c
Openssl Openssl	Version 0.9.7d

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	All versions
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 10.1
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux	Version 9.2
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1
Mandrakesoft Mandrake Linux Corporate Server	Version 2.1