Description

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.

Remediation

References

CVE-2013-6501

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594)

Oracle Database Server CVE-2006-0271 Vulnerability (CVE-2006-0271)

ReviveAdserver Session Fixation Vulnerability (CVE-2016-9125)

WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727)

Severity

Medium

Classification

CVE-2013-6501 CWE-138

Tags

Missing Update Known Vulnerabilities