Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2217HistorySep 23, 2013 - 8:55 p.m.
CVE-2013-2217
2013-09-2320:55:07
Debian Security Bug Tracker
security-tracker.debian.org
3
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.1%
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | suds | < 0.4.1-8 | suds_0.4.1-8_all.deb |
| Debian | 11 | all | suds | < 0.4.1-8 | suds_0.4.1-8_all.deb |
| Debian | 10 | all | suds | < 0.4.1-8 | suds_0.4.1-8_all.deb |
| Debian | 999 | all | suds | < 0.4.1-8 | suds_0.4.1-8_all.deb |
| Debian | 13 | all | suds | < 0.4.1-8 | suds_0.4.1-8_all.deb |
Related
cve
cve
CVE-2013-2217
2013-09-23 20:55:07
nessus
nessus
openSUSE Security Update : python-suds-jurko (openSUSE-2016-1178)
2016-10-13 00:00:00
RHEL 7 : python-suds (Unpatched Vulnerability)
2024-06-03 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 : suds vulnerability (USN-2008-1)
2013-10-25 00:00:00
securityvulns
securityvulns
[USN-2008-1] Suds vulnerability
2013-10-28 00:00:00
Suds symbolic links vulnerability
2013-10-28 00:00:00
osv
osv
PYSEC-2013-32
2013-09-23 20:55:00
PYSEC-2013-33
2013-09-23 20:55:00
Improper Link Resolution Before File Access in Suds
2022-05-14 01:08:23
nvd
nvd
CVE-2013-2217
2013-09-23 20:55:07
ubuntucve
ubuntucve
CVE-2013-2217
2013-09-23 00:00:00
mageia
mageia
Updated python-suds package fixes security vulnerability
2013-07-21 13:25:10
cvelist
cvelist
CVE-2013-2217
2013-09-23 20:00:00
github
github
Improper Link Resolution Before File Access in Suds
2022-05-14 01:08:23
ubuntu
ubuntu
Suds vulnerability
2013-10-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-2008-1)
2013-10-29 00:00:00
Mageia: Security Advisory (MGASA-2013-0224)
2022-01-28 00:00:00
Ubuntu Update for suds USN-2008-1
2013-10-29 00:00:00
freebsd
freebsd
py-suds -- vulnerable to symlink attacks
2013-09-23 00:00:00
prion
prion
Design/Logic Flaw
2013-09-23 20:55:00
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2013-2217