Family: Debian Local Security Checks --> Category: infos
[DSA323] DSA-323-1 noweb Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Jakob Lell discovered a bug in the 'noroff' script included in noweb
whereby a temporary file was created insecurely. During a review,
several other instances of this problem were found and fixed. Any of
these bugs could be exploited by a local user to overwrite arbitrary
files owned by the user invoking the script.
For the stable distribution (woody) these problems have been fixed in
For old stable distribution (potato) this problem has been fixed in
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you update your noweb package.
Solution : http://www.debian.org/security/2003/dsa-323
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.