1.2
CVSSv2

CVE-2013-2217

Published: 23/09/2013 Updated: 22/04/2019
CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9
VMScore: 111
Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jeff ortel suds 0.4

redhat enterprise linux 6.0

opensuse opensuse 12.3

redhat enterprise linux 5

opensuse opensuse 12.2

Vendor Advisories

Suds could be made to overwrite files ...
Debian Bug report logs - #714340 suds: CVE-2013-2217: Insecure temporary directory use when initializing file-based URL cache Package: suds; Maintainer for suds is Scott Talbert <swt@techienet>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 28 Jun 2013 05:27:01 UTC Severity: important Tags: securi ...
cachepy in Suds 04, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/ ...