EUVD-2005-3341

Malware in sbrugna...

EUVD-2003-0376

Malware in sbrugna...

CVE-2003-0381

Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script...

Gentoo Security Advisory GLSA 200602-14 (noweb)

The remote host is missing updates announced in advisory GLSA 200602-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 968-1 (noweb)

The remote host is missing an update to noweb announced via advisory DSA 968-1. Javier Fernández-Sanguino Peña from the Debian Security Audit project discovered that a script in noweb, a web like literate-programming tool, creates a temporary file in an insecure fashion. For the old stable...

Debian Security Advisory DSA 323-1 (noweb)

The remote host is missing an update to noweb announced via advisory DSA 323-1. OpenVAS Vulnerability Test $Id: deb3231.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 323-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-323)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-968-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-968-1 : noweb - insecure temporary file

Javier Fernandez-Sanguino Pena from the Debian Security Audit project discovered that a script in noweb, a web like literate-programming tool, creates a temporary file in an insecure fashion. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

Ubuntu 4.10 / 5.04 / 5.10 : noweb vulnerability (USN-254-1)

Javier Fernandez-Sanguino Pena discovered that noweb scripts created temporary files in an insecure way. This could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user running noweb. Note that Tenable Network Security has extracted the preceding descripti...

GLSA-200602-14 : noweb: Insecure temporary file creation

The remote host is affected by the vulnerability described in GLSA-200602-14 noweb: Insecure temporary file creation Javier Fernandez-Sanguino has discovered that the lib/toascii.nw and shell/roff.mm scripts insecurely create temporary files with predictable filenames. Impact : A local attacker...

noweb: Insecure temporary file creation

Background noweb is a simple, extensible, and language independent literate programming tool. Description Javier Fernandez-Sanguino has discovered that the lib/toascii.nw and shell/roff.mm scripts insecurely create temporary files with predictable filenames. Impact A local attacker could create...

USN-254-1: noweb vulnerability

Javier Fernández-Sanguino Peña discovered that noweb scripts created temporary files in an insecure way. This could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user running noweb...

CVE-2005-3342

noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...

CVE-2005-3342

CVE-2005-3342 affects noweb up to version 2.10c and earlier, allowing local users to overwrite arbitrary files via symlink attacks on temporary files created by the scripts lib/toascii.nw and shell/roff.mm. Public analyses (Gentoo GLSA 200602-14, Debian DSA-968-1, Ubuntu USN-254-1) describe insec...

CVE-2005-3342

noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in 1 lib/toascii.nw and 2 shell/roff.mm...

[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...

[SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...

[Full-disclosure] [SECURITY] [DSA 968-1] New noweb packages fix insecure temporary file creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 968-1 [email protected] http://www.debian.org/security/ Martin Schulze February 13th, 2006 http://www.debian.org/security/faq -...

DSA-968-1 noweb - insecure temporary file

Bulletin has no description...