|
Family: Web Servers --> Category: infos
Zope Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks Zope version
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains an application server that is prone to
multiple vulnerabilities.
Description :
The remote web server is a version of Zope which is older than version
2.6.3.
There are multiple security issues in all releases prior to version
2.6.3 or 2.7 BETA4 which can be exploited by a possible hacker to perform cross
site scripting attacks, obtain information about the remote host, or
disable this service remotely.
*** Nessus solely relied on the version number of your server, so if
*** the hotfix has already been applied, this might be a false positive
See also :
http://mail.zope.org/pipermail/zope-announce/2004-January/001325.html
Solution :
Upgrade to Zope 2.6.3 or later.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|