Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:147: openssl Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the openssl package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:147 (openssl).
The Trustix developers found that the der_chop script, included in the openssl
package, created temporary files insecurely. This could allow local users to
overwrite files using a symlink attack.
The updated packages have been patched to prevent this problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:147
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.