Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0483

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0483
Last Modified 05 Sep 2008 04:21:07
Published 15 Jun 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0483

Summary

The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.

Vulnerable Systems

Application

  • Redhat Linux Powertools 6.1

  • Redhat Linux Powertools 6.2

  • Zope 1.10.3

  • Zope 2.1.1

  • Zope 2.1.7


References

CONFIRM - http://www.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert

BUGTRAQ - 20000615 [Brian@digicool.com: [Zope] Zope security alert and 2.1.7 update [*important*]]

XF - zope-dtml-remote-modify

BUGTRAQ - 2000615 Conectiva Linux Security Announcement - ZOPE

BID - 1354

REDHAT - RHSA-2000:038

BUGTRAQ - 20000728 MDKSA-2000:026 Zope update

FREEBSD - FreeBSD-SA-00:38


Last Updated: 27 May 2016 10:35:44