blob: 6bb30b05fe6d800232c6d915fe937a1463525312 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200602-14">
<title>noweb: Insecure temporary file creation</title>
noweb is vulnerable to symlink attacks, potentially allowing a local user
to overwrite arbitrary files.
<product type="ebuild">noweb</product>
<announced>February 26, 2006</announced>
<revised>February 26, 2006: 01</revised>
<package name="app-text/noweb" auto="yes" arch="*">
<unaffected range="ge">2.9-r5</unaffected>
<vulnerable range="lt">2.9-r5</vulnerable>
noweb is a simple, extensible, and language independent literate
programming tool.
Javier Fernandez-Sanguino has discovered that the lib/toascii.nw
and shell/ scripts insecurely create temporary files with
predictable filenames.
<impact type="normal">
A local attacker could create symbolic links in the temporary file
directory, pointing to a valid file somewhere on the filesystem. When
an affected script is called, this would result in the file being
overwritten with the rights of the user running the script.
There is no known workaround at this time.
All noweb users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-text/noweb-2.9-r5&quot;</code>
<uri link="">CVE-2005-3342</uri>
<metadata tag="requester" timestamp="Thu, 23 Feb 2006 20:08:48 +0000">
<metadata tag="bugReady" timestamp="Thu, 23 Feb 2006 20:09:04 +0000">
<metadata tag="submitter" timestamp="Fri, 24 Feb 2006 14:44:04 +0000">