ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0224
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0224)
Resumen:	The remote host is missing an update for the 'python-suds' package(s) announced via the MGASA-2013-0224 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-suds' package(s) announced via the MGASA-2013-0224 advisory. Vulnerability Insight: An insecure temporary directory use flaw was found in the way python-suds performed initialization of its internal file-based URL cache (predictable location was used for directory to store the cached files). A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to their ability for example the SOAP .wsdl metadata to redirect queries to a different host, than originally intended (CVE-2013-2217). Affected Software/OS: 'python-suds' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 1.2 CVSS Vector: AV:L/AC:H/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2217 USN-2008-1 http://www.ubuntu.com/usn/USN-2008-1 [oss-security] 20130628 Re: CVE Request -- python-suds: Insecure temporary directory use when initializing file-based URL cache http://www.openwall.com/lists/oss-security/2013/06/27/8 https://bugzilla.redhat.com/show_bug.cgi?id=978696 openSUSE-SU-2013:1208 http://lists.opensuse.org/opensuse-updates/2013-07/msg00062.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.