Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-968-1
HistoryFeb 13, 2006 - 12:00 a.m.

noweb - insecure temporary file

2006-02-1300:00:00
Google
osv.dev
6

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

JSON

Javier FernĂĄndez-Sanguino PeĂąa from the Debian Security Audit project
discovered that a script in noweb, a web like literate-programming
tool, creates a temporary file in an insecure fashion.

For the old stable distribution (woody) this problem has been fixed in
version 2.9a-7.4.

For the stable distribution (sarge) this problem has been fixed in
version 2.10c-3.2.

For the unstable distribution (sid) this problem has been fixed in
version 2.10c-3.2.

We recommend that you upgrade your nowebm package.

CPENameOperatorVersion
nowebeq2.10c-3.1

Related

nessus 3
cvelist 1
debian 2
openvas 4
securityvulns 1
debiancve 1
cve 1
ubuntucve 1
ubuntu 1
gentoo 1
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : noweb vulnerability (USN-254-1)
2006-03-13 00:00:00
Debian DSA-968-1 : noweb - insecure temporary file
2006-10-14 00:00:00
GLSA-200602-14 : noweb: Insecure temporary file creation
2006-02-27 00:00:00
cvelist
cvelist
CVE-2005-3342
2006-02-14 20:00:00
debian
debian
[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
2006-02-13 05:53:08
[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
2006-02-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200602-14 (noweb)
2008-09-24 00:00:00
Debian Security Advisory DSA 968-1 (noweb)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200602-14 (noweb)
2008-09-24 00:00:00
securityvulns
securityvulns
[Full-disclosure] [SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation
2006-02-13 00:00:00
debiancve
debiancve
CVE-2005-3342
2005-12-31 05:00:00
cve
cve
CVE-2005-3342
2005-12-31 05:00:00
ubuntucve
ubuntucve
CVE-2005-3342
2005-12-31 00:00:00
ubuntu
ubuntu
noweb vulnerability
2006-02-22 00:00:00
gentoo
gentoo
noweb: Insecure temporary file creation
2006-02-26 00:00:00

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:H/Au:N/C:N/I:P/A:N

JSON
Related for OSV:DSA-968-1
nessus3cvelist1debian2openvas4securityvulns1debiancve1cve1ubuntucve1ubuntu1gentoo1