oval:org.mitre.oval:def:164

Definition Id: oval:org.mitre.oval:def:164

Oval ID:	oval:org.mitre.oval:def:164
Title:	Trustix Secure Linux der_chop Script Symlink Attack Vulnerability
Description:	The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0975	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	OpenSSL
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND openssl, openssl-devel, OR openssl-perl older than 0.9.7a-33.15 or openssl096b older than 0.9.6b-16.22.3 openssl-perl is older than 0.9.7a-33.15 AND openssl-devel older than 0.9.7a-33.15 AND openssl older than 0.9.7a-33.15 AND openssl096b package is older than 0.9.6b-16.22.3.i386.rpm AND Configuration section /tmp is writable by everyone