|
Family: Web Servers --> Category: infos
Zope DocumentTemplate package problem Vulnerability Scan
Vulnerability Scan Summary Checks for Zope
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an application server that fails to
protect stored content and code from modification by remote users.
Description :
The remote web server is Zope < 2.1.7. There is a security problem in
these versions that can allow the contents of DTMLDocuments or
DTMLMethods to be changed without forcing proper user authentication.
See also :
http://mail.zope.org/pipermail/zope/2000-June/111952.html
http://www.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert
Solution :
Upgrade to Zope 2.1.7 or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|