Lucene search
UbuntuUSN-254-1HistoryFeb 22, 2006 - 12:00 a.m.
noweb vulnerability
2006-02-2200:00:00
ubuntu.com
25
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Releases
- Ubuntu 5.10
- Ubuntu 5.04
- Ubuntu 4.10
Details
Javier Fernández-Sanguino Peña discovered that noweb scripts created
temporary files in an insecure way. This could allow a symlink attack
to create or overwrite arbitrary files with the privileges of the user
running noweb.
References
Related
ubuntucve
ubuntucve
CVE-2005-3342
2005-12-31 00:00:00
cve
cve
CVE-2005-3342
2006-02-14 20:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200602-14 (noweb)
2008-09-24 00:00:00
Debian Security Advisory DSA 968-1 (noweb)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200602-14 (noweb)
2008-09-24 00:00:00
debian
debian
debiancve
debiancve
CVE-2005-3342
2006-02-14 20:00:00
securityvulns
securityvulns
nessus
nessus
Ubuntu 4.10 / 5.04 / 5.10 : noweb vulnerability (USN-254-1)
2006-03-13 00:00:00
Debian DSA-968-1 : noweb - insecure temporary file
2006-10-14 00:00:00
GLSA-200602-14 : noweb: Insecure temporary file creation
2006-02-27 00:00:00
cvelist
cvelist
CVE-2005-3342
2006-02-14 20:00:00
osv
osv
noweb - insecure temporary file
2006-02-13 00:00:00
nvd
nvd
CVE-2005-3342
2005-12-31 05:00:00
gentoo
gentoo
noweb: Insecure temporary file creation
2006-02-26 00:00:00
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for USN-254-1