CVE-2013-2217

Publication date 23 September 2013

Last updated 24 July 2024

Ubuntu priority

cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
suds	13.10 saucy	Not affected
	13.04 raring	Fixed 0.4.1-5ubuntu0.13.04.1
	12.10 quantal	Fixed 0.4.1-5ubuntu0.12.10.1
	12.04 LTS precise	Fixed 0.4.1-2ubuntu1.1
	10.04 LTS lucid	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2008-1
Suds vulnerability
24 October 2013

Other references

http://www.openwall.com/lists/oss-security/2013/06/27/5
https://www.cve.org/CVERecord?id=CVE-2013-2217