|
Family: Ubuntu Local Security Checks --> Category: infos
USN254-1 : noweb vulnerability Vulnerability Scan
Vulnerability Scan Summary noweb vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote package "nowebm" is missing a security patch.
Description :
Javier Fernández-Sanguino Peña discovered that noweb scripts created
temporary files in an insecure way. This could allow a symlink attack
to create or overwrite arbitrary files with the rights of the user
running noweb.
Solution :
Upgrade to :
- nowebm-2.10c-3.1ubuntu5.10.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|