Detections
Analytics
Zope Image and File Update Data Protection Bypass
medium Nessus Plugin ID 10569
Synopsis
The remote web server contains an application server that fails to protect stored content from modification by remote users.Description
According to its banner, the remote web server is Zope < 2.2.5. Such versions suffer from a security issue involving incorrect protection of a data updating method on Image and File objects. Because the method is not correctly protected, it is possible for users with DTML editing privileges to update the raw data of a File or Image object via DTML though they do not have editing privileges on the objects themselves.*** Since Nessus solely relied on the version number of the server,
*** consider this a false positive if the hotfix has already been applied.
Solution
Upgrade to Zope 2.2.5 or apply the hotfix referenced in the vendor advisory above.See Also
https://mail.zope.org/pipermail/zope-announce/2000-December/000323.html
http://www.zope.org/Products/Zope/Hotfix_2000-12-18/security_alert
Plugin Details
Severity: Medium
ID: 10569
File Name: zope_img_updating.nasl
Version: 1.29
Type: remote
Family: Web Servers
Published: 12/19/2000
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 6
Temporal Score: 4.4
Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P
Vulnerability Information
Required KB Items: www/zope
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 12/12/2000
Reference Information
CVE: CVE-2000-1212
BID: 922