Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2013.0224
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2013-0224)
Zusammenfassung:	The remote host is missing an update for the 'python-suds' package(s) announced via the MGASA-2013-0224 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'python-suds' package(s) announced via the MGASA-2013-0224 advisory. Vulnerability Insight: An insecure temporary directory use flaw was found in the way python-suds performed initialization of its internal file-based URL cache (predictable location was used for directory to store the cached files). A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to their ability for example the SOAP .wsdl metadata to redirect queries to a different host, than originally intended (CVE-2013-2217). Affected Software/OS: 'python-suds' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 1.2 CVSS Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2217 USN-2008-1 http://www.ubuntu.com/usn/USN-2008-1 [oss-security] 20130628 Re: CVE Request -- python-suds: Insecure temporary directory use when initializing file-based URL cache http://www.openwall.com/lists/oss-security/2013/06/27/8 https://bugzilla.redhat.com/show_bug.cgi?id=978696 openSUSE-SU-2013:1208 http://lists.opensuse.org/opensuse-updates/2013-07/msg00062.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.