|
|
OpenSSL DER_CHOP Insecure Temporary File Creation Vulnerability
|
Bugtraq ID:
|
11293
|
|
Class:
|
Design Error
|
|
CVE:
|
CVE-2004-0975
|
|
Remote:
|
No
|
|
Local:
|
Yes
|
|
Published:
|
Sep 30 2004 12:00AM
|
|
Updated:
|
Jul 12 2009 07:06AM
|
|
Credit:
|
The individual or individuals responsible for the discovery of this issue is currently unknown; Trustix security engineers are credited with these discoveries.
|
|
Vulnerable:
|
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Home
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
SGI ProPack 3.0
SGI Advanced Linux Environment 3.0
RedHat Fedora Core3
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
OpenSSL Project OpenSSL 0.9.7 d
+
Ubuntu Ubuntu Linux 4.1 ppc
+
Ubuntu Ubuntu Linux 4.1 ia64
+
Ubuntu Ubuntu Linux 4.1 ia32
OpenSSL Project OpenSSL 0.9.7 c
+
OpenPKG OpenPKG 2.0
+
Slackware Linux 9.1
+
Slackware Linux 9.0
+
Slackware Linux -current
OpenSSL Project OpenSSL 0.9.6 m
OpenSSL Project OpenSSL 0.9.6 l
OpenSSL Project OpenSSL 0.9.6 k
+
Blue Coat Systems CacheOS CA/SA 4.1.10
+
Blue Coat Systems Security Gateway OS 3.1
+
Blue Coat Systems Security Gateway OS 3.0
+
Blue Coat Systems Security Gateway OS 2.1.5001 SP1
+
Blue Coat Systems Security Gateway OS 2.1.9
+
Blue Coat Systems Security Gateway OS 2.0
+
Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 j
OpenSSL Project OpenSSL 0.9.6 i
+
HP Apache-Based Web Server 1.3.27 .01
+
HP Apache-Based Web Server 1.3.27 .00
+
HP HP-UX Apache-Based Web Server 1.0.1 .01
+
HP HP-UX Apache-Based Web Server 1.0 .07.01
+
HP HP-UX Apache-Based Web Server 1.0 .06.02
+
HP HP-UX Apache-Based Web Server 1.0 .06.01
+
HP HP-UX Apache-Based Web Server 1.0 .05.01
+
HP HP-UX Apache-Based Web Server 1.0 .04.01
+
HP HP-UX Apache-Based Web Server 1.0 .03.01
+
HP HP-UX Apache-Based Web Server 1.0 .02.01
+
HP HP-UX Apache-Based Web Server 1.0 .01
+
MandrakeSoft Corporate Server 2.1 x86_64
+
MandrakeSoft Corporate Server 2.1
+
MandrakeSoft Linux Mandrake 9.1 ppc
+
MandrakeSoft Linux Mandrake 9.1
+
MandrakeSoft Linux Mandrake 9.0
+
S.u.S.E. Linux Personal 8.2
OpenSSL Project OpenSSL 0.9.6 h
OpenSSL Project OpenSSL 0.9.6 g
+
Conectiva Linux Enterprise Edition 1.0
+
FreeBSD FreeBSD 4.7 -RELEASE
+
FreeBSD FreeBSD 4.7
+
HP Apache-Based Web Server 2.0.43 .04
+
HP Apache-Based Web Server 2.0.43 .00
+
HP Webmin-Based Admin 1.0 .01
+
Immunix Immunix OS 7+
+
NetBSD NetBSD 1.6
+
OpenPKG OpenPKG 1.1
OpenSSL Project OpenSSL 0.9.6 f
OpenSSL Project OpenSSL 0.9.6 e
+
FreeBSD FreeBSD 4.6 -RELEASE
+
FreeBSD FreeBSD 4.6
OpenSSL Project OpenSSL 0.9.6 d
+
Slackware Linux 8.1
OpenSSL Project OpenSSL 0.9.6 c
+
Conectiva Linux 8.0
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
+
MandrakeSoft Linux Mandrake 8.2
+
S.u.S.E. Linux 8.0 i386
+
S.u.S.E. Linux 8.0
OpenSSL Project OpenSSL 0.9.6 b
+
MandrakeSoft Linux Mandrake 8.1 ia64
+
MandrakeSoft Linux Mandrake 8.1
+
OpenBSD OpenBSD 3.1
+
OpenBSD OpenBSD 3.0
+
RedHat Enterprise Linux AS 2.1 IA64
+
RedHat Enterprise Linux AS 2.1
+
RedHat Enterprise Linux ES 2.1 IA64
+
RedHat Enterprise Linux ES 2.1
+
RedHat Enterprise Linux WS 2.1 IA64
+
RedHat Enterprise Linux WS 2.1
+
RedHat Linux 7.3 i386
+
RedHat Linux 7.3
+
RedHat Linux 7.2 ia64
+
RedHat Linux 7.2 i686
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.2
+
RedHat Linux Advanced Work Station 2.1
+
S.u.S.E. Linux 7.3 sparc
+
S.u.S.E. Linux 7.3 ppc
+
S.u.S.E. Linux 7.3 i386
+
S.u.S.E. Linux Connectivity Server
+
S.u.S.E. Linux Database Server 0
+
S.u.S.E. Linux Enterprise Server 7
+
S.u.S.E. Linux Firewall on CD
+
S.u.S.E. Office Server
+
S.u.S.E. SuSE eMail Server III
+
Sun Linux 5.0.7
+
Sun Linux 5.0.6
+
Sun Linux 5.0.5
+
Sun Linux 5.0.3
+
Sun Linux 5.0
OpenSSL Project OpenSSL 0.9.6 a
+
Conectiva Linux 7.0
+
NetBSD NetBSD 1.5.3
+
NetBSD NetBSD 1.5.2
+
NetBSD NetBSD 1.5.1
+
NetBSD NetBSD 1.5
+
S.u.S.E. Linux 7.2 i386
+
S.u.S.E. Linux 7.1 sparc
+
S.u.S.E. Linux 7.1 ppc
+
S.u.S.E. Linux 7.1 alpha
+
S.u.S.E. Linux 7.1
OpenSSL Project OpenSSL 0.9.6
+
Caldera OpenLinux Server 3.1.1
+
Caldera OpenLinux Server 3.1
+
Caldera OpenLinux Workstation 3.1.1
+
Caldera OpenLinux Workstation 3.1
+
Conectiva Linux 6.0
+
EnGarde Secure Linux 1.0.1
+
HP Secure OS software for Linux 1.0
+
MandrakeSoft Linux Mandrake 8.0 ppc
+
MandrakeSoft Linux Mandrake 8.0
+
NetBSD NetBSD 1.6 beta
+
NetBSD NetBSD 1.6
+
NetBSD NetBSD 1.5.3
+
NetBSD NetBSD 1.5.2
+
NetBSD NetBSD 1.5.1
+
NetBSD NetBSD 1.5
+
OpenBSD OpenBSD 2.9
+
OpenPKG OpenPKG 1.0
+
RedHat Linux 7.3 i386
+
RedHat Linux 7.3
+
RedHat Linux 7.2 i386
+
RedHat Linux 7.2 alpha
+
RedHat Linux 7.1 i386
+
RedHat Linux 7.1 alpha
+
RedHat Linux 7.0 sparc
+
RedHat Linux 7.0 i386
+
RedHat Linux 7.0 alpha
+
Trustix Secure Linux 1.5
+
Trustix Secure Linux 1.2
+
Trustix Secure Linux 1.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Linux Mandrake 10.1 x86_64
MandrakeSoft Linux Mandrake 10.1
MandrakeSoft Linux Mandrake 10.0 AMD64
MandrakeSoft Linux Mandrake 10.0
MandrakeSoft Linux Mandrake 9.2 amd64
MandrakeSoft Linux Mandrake 9.2
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Gentoo Linux
Avaya S8710 R2.0.1
Avaya S8710 R2.0.0
Avaya S8700 R2.0.1
Avaya S8700 R2.0.0
Avaya S8500 R2.0.1
Avaya S8500 R2.0.0
Avaya S8300 R2.0.1
Avaya S8300 R2.0.0
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya MN100
Avaya Intuity LX
Avaya Integrated Management 2.1
Avaya Integrated Management
Avaya CVLAN
Avaya Converged Communications Server 2.0
|
|
|
|
Not Vulnerable:
|
|
|
|
