{"cve": [{"lastseen": "2019-05-29T18:07:57", "bulletinFamily": "NVD", "description": "Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.", "modified": "2008-09-05T20:34:00", "id": "CVE-2003-0381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0381", "published": "2003-07-24T04:00:00", "title": "CVE-2003-0381", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2017-07-24T12:50:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update to noweb\nannounced via advisory DSA 323-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53612", "id": "OPENVAS:53612", "title": "Debian Security Advisory DSA 323-1 (noweb)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_323_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 323-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jakob Lell discovered a bug in the 'noroff' script included in noweb\nwhereby a temporary file was created insecurely. During a review,\nseveral other instances of this problem were found and fixed. Any of\nthese bugs could be exploited by a local user to overwrite arbitrary\nfiles owned by the user invoking the script.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.9a-7.3.\n\nFor old stable distribution (potato) this problem has been fixed in\nversion 2.9a-5.1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you update your noweb package.\";\ntag_summary = \"The remote host is missing an update to noweb\nannounced via advisory DSA 323-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20323-1\";\n\nif(description)\n{\n script_id(53612);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0381\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 323-1 (noweb)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"nowebm\", ver:\"2.9a-5.1\", rls:\"DEB2.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nowebm\", ver:\"2.9a-7.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:08", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 323-1 security@debian.org\r\nhttp://www.debian.org/security/ Matt Zimmerman\r\nJune 16th, 2003 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : noweb\r\nVulnerability : insecure temporary files\r\nProblem-Type : local\r\nDebian-specific: no\r\nCVE Id : CAN-2003-0381\r\n\r\nJakob Lell discovered a bug in the 'noroff' script included in noweb\r\nwhereby a temporary file was created insecurely. During a review,\r\nseveral other instances of this problem were found and fixed. Any of\r\nthese bugs could be exploited by a local user to overwrite arbitrary\r\nfiles owned by the user invoking the script.\r\n\r\nFor the stable distribution (woody) these problems have been fixed in\r\nversion 2.9a-7.3.\r\n\r\nFor old stable distribution (potato) this problem has been fixed in\r\nversion 2.9a-5.1.\r\n\r\nFor the unstable distribution (sid) this problem will be fixed soon.\r\n\r\nWe recommend that you update your noweb package.\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 2.2 alias potato\r\n- ---------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-5.1.dsc\r\n Size/MD5 checksum: 597 137a3145bc50159f0b9abd217d9f2f62\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-5.1.diff.gz\r\n Size/MD5 checksum: 69048 a77cc9e502d6e891c6aa74df7b0c9fe5\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a.orig.tar.gz\r\n Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-5.1_alpha.deb\r\n Size/MD5 checksum: 1327308 10b065044f506c8c548bb6e2c76c5fec\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-5.1_i386.deb\r\n Size/MD5 checksum: 976072 ffa9f84860085bfda89791c79867d3fd\r\n\r\nDebian GNU/Linux 3.0 alias woody\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-7.2.dsc\r\n Size/MD5 checksum: 607 ac68c7e4f9057d9b5a38238c28f7d266\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-7.2.diff.gz\r\n Size/MD5 checksum: 41136 122211b0a7590e7cdc21aaa9a890d082\r\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a.orig.tar.gz\r\n Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_alpha.deb\r\n Size/MD5 checksum: 1339532 6f3f10aa4a5056d003c91b3f4564871c\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_arm.deb\r\n Size/MD5 checksum: 1061418 6ca2d4bd8026333006c2566f918f12ca\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_i386.deb\r\n Size/MD5 checksum: 966664 b4a1b216e98e3dda4bd62eb37618f1ca\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_hppa.deb\r\n Size/MD5 checksum: 1257458 4d13eb89c7cf9ba72ab0a30e4d5cb7ab\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_m68k.deb\r\n Size/MD5 checksum: 920562 110bd24b5abaa99d2633121b8b103825\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_mips.deb\r\n Size/MD5 checksum: 1145274 7dbf6bdbe25c08f94984fbf9b5e2979f\r\n\r\nThese files will probably be moved into the stable distribution on its\r\nnext revision.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.2 (GNU/Linux)\r\n\r\niD8DBQE+7nekArxCt0PiXR4RAhRZAJ9udxuKFSon+iJCuLgXcrKRLYbi5wCgtOKG\r\nwgC2UzSHCaULyXFXDtzDMP0=\r\n=VCnW\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2003-06-21T00:00:00", "published": "2003-06-21T00:00:00", "id": "SECURITYVULNS:DOC:4724", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4724", "title": "[SECURITY] [DSA-323-1] New noweb packages fix insecure temporary file creation", "type": "securityvulns", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2019-05-30T02:21:45", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 323-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJune 16th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : noweb\nVulnerability : insecure temporary files\nProblem-Type : local\nDebian-specific: no\nCVE Id : CAN-2003-0381\n\nJakob Lell discovered a bug in the 'noroff' script included in noweb\nwhereby a temporary file was created insecurely. During a review,\nseveral other instances of this problem were found and fixed. Any of\nthese bugs could be exploited by a local user to overwrite arbitrary\nfiles owned by the user invoking the script.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.9a-7.3.\n\nFor old stable distribution (potato) this problem has been fixed in\nversion 2.9a-5.1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you update your noweb package.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 2.2 alias potato\n- ---------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-5.1.dsc\n Size/MD5 checksum: 597 137a3145bc50159f0b9abd217d9f2f62\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-5.1.diff.gz\n Size/MD5 checksum: 69048 a77cc9e502d6e891c6aa74df7b0c9fe5\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a.orig.tar.gz\n Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-5.1_alpha.deb\n Size/MD5 checksum: 1327308 10b065044f506c8c548bb6e2c76c5fec\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-5.1_i386.deb\n Size/MD5 checksum: 976072 ffa9f84860085bfda89791c79867d3fd\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-7.2.dsc\n Size/MD5 checksum: 607 ac68c7e4f9057d9b5a38238c28f7d266\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a-7.2.diff.gz\n Size/MD5 checksum: 41136 122211b0a7590e7cdc21aaa9a890d082\n http://security.debian.org/pool/updates/main/n/noweb/noweb_2.9a.orig.tar.gz\n Size/MD5 checksum: 687372 1096b16aaa281a97e269eb5d80236296\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_alpha.deb\n Size/MD5 checksum: 1339532 6f3f10aa4a5056d003c91b3f4564871c\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_arm.deb\n Size/MD5 checksum: 1061418 6ca2d4bd8026333006c2566f918f12ca\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_i386.deb\n Size/MD5 checksum: 966664 b4a1b216e98e3dda4bd62eb37618f1ca\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_hppa.deb\n Size/MD5 checksum: 1257458 4d13eb89c7cf9ba72ab0a30e4d5cb7ab\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_m68k.deb\n Size/MD5 checksum: 920562 110bd24b5abaa99d2633121b8b103825\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/n/noweb/nowebm_2.9a-7.3_mips.deb\n Size/MD5 checksum: 1145274 7dbf6bdbe25c08f94984fbf9b5e2979f\n\nThese files will probably be moved into the stable distribution on its\nnext revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2003-06-16T00:00:00", "published": "2003-06-16T00:00:00", "id": "DEBIAN:DSA-323-1:12248", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00115.html", "title": "[SECURITY] [DSA-323-1] New noweb packages fix insecure temporary file creation", "type": "debian", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2019-11-01T02:21:21", "bulletinFamily": "scanner", "description": "Jakob Lell discovered a bug in the ", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-323.NASL", "href": "https://www.tenable.com/plugins/nessus/15160", "published": "2004-09-29T00:00:00", "title": "Debian DSA-323-1 : noweb - insecure temporary files", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-323. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15160);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2019/08/02 13:32:17\");\n\n script_cve_id(\"CVE-2003-0381\");\n script_bugtraq_id(7937);\n script_xref(name:\"DSA\", value:\"323\");\n\n script_name(english:\"Debian DSA-323-1 : noweb - insecure temporary files\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jakob Lell discovered a bug in the 'noroff' script included in noweb\nwhereby a temporary file was created insecurely. During a review,\nseveral other instances of this problem were found and fixed. Any of\nthese bugs could be exploited by a local user to overwrite arbitrary\nfiles owned by the user invoking the script.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-323\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody) these problems have been fixed in\nversion 2.9a-7.3.\n\nFor old stable distribution (potato) this problem has been fixed in\nversion 2.9a-5.1.\n\nWe recommend that you update your noweb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:noweb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:2.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"2.2\", prefix:\"nowebm\", reference:\"2.9a-5.1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"nowebm\", reference:\"2.9a-7.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}]}