|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1176] DSA-1176-1 zope2.7 Vulnerability Scan
Vulnerability Scan Summary
DSA-1176-1 zope2.7
Detailed Explanation for this Vulnerability Test
It was discovered that the Zope web application server does not disable
the csv_table directive in web pages containing ReST markup, allowing
the exposure of files readable by the Zope server.
For the stable distribution (sarge) this problem has been fixed in
version 2.7.5-2sarge2.
The unstable distribution (sid) doesn't contain zope2.7 any longer, for
zope2.8 this problem has been fixed in version 2.8.8-2.
We recommend that you upgrade your Zope package.
Solution : http://www.debian.org/security/2006/dsa-1176
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
