|
Family: Web Servers --> Category: attack
Zope Installation Path Disclosure Vulnerability Scan
Vulnerability Scan Summary Checks for Zope installation directory
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an application server that is prone to
information disclosure.
Description :
There is a minor security problem in all releases of Zope prior to
version 2.5.1b1 - they reveal the installation path when an invalid
XML RPC request is sent.
See also :
http://collector.zope.org/Zope/359
Solution :
Upgrade to Zope 2.5.1b1 / 2.6.0b1 or later.
Threat Level:
Low / CVSS Base Score : 2
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|