|
|
Log in / Subscribe / Register

python-suds: symbolic link attack

Package(s):python-suds CVE #(s):CVE-2013-2217
Created:July 17, 2013 Updated:October 13, 2016
Description: From the bug report:

An insecure temporary directory use flaw was found in the way python-suds, a Python SOAP web services client library, performed initialization of its internal file-based URL cache (predictable location was used for directory to store the cached files). A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to their ability for example the SOAP .wsdl metadata to redirect queries to a different host, than originally intended.

Alerts:
openSUSE openSUSE-SU-2016:2516-1 python-suds-jurko 2016-10-12
Ubuntu USN-2008-1 suds 2013-10-24
Mageia MGASA-2013-0224 python-suds 2013-07-21
openSUSE openSUSE-SU-2013:1208-1 python-suds 2013-07-17
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds