|
Family: Debian Local Security Checks --> Category: infos
[DSA1032] DSA-1032-1 zope-cmfplone Vulnerability Scan
Vulnerability Scan Summary DSA-1032-1 zope-cmfplone
Detailed Explanation for this Vulnerability Test
It was discovered that the Plone content management system lacks security
declarations for three internal classes. This allows manipulation of user
portraits by unprivileged users.
The old stable distribution (woody) doesn't contain Plone.
For the stable distribution (sarge) this problem has been fixed in
version 2.0.4-3sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.1.2-2.
We recommend that you upgrade your zope-cmfplone package.
Solution : http://www.debian.org/security/2006/dsa-1032
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|