Detections
Analytics
Mandrake Linux Security Advisory : Zope (MDKSA-2001:049)
medium Nessus Plugin ID 61913
Language:
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
Another problem was discovered in Zope that fixes a problem with ZClasses. Any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance. The Zope Hotfix 2001-05-01 corrects this problem.Solution
Update the affected packages.See Also
http://www.zope.org/Products/Zope/Hotfix_2001-05-01/security_alert
Plugin Details
Severity: Medium
ID: 61913
File Name: mandrake_MDKSA-2001-049.nasl
Version: 1.6
Type: local
Family: Mandriva Local Security Checks
Published: 9/6/2012
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.8
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:zope, p-cpe:/a:mandriva:linux:zope-components, p-cpe:/a:mandriva:linux:zope-core, p-cpe:/a:mandriva:linux:zope-pcgi, p-cpe:/a:mandriva:linux:zope-services, p-cpe:/a:mandriva:linux:zope-zpublisher, p-cpe:/a:mandriva:linux:zope-zserver, p-cpe:/a:mandriva:linux:zope-ztemplates, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 5/10/2001
Reference Information
CVE: CVE-2001-0567, CVE-2001-0568
MDKSA: 2001:049