Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0128

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0128
Last Modified 10 Sep 2008 03:07:17
Published 12 Mar 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0128

Summary

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

Vulnerable Systems

Operating System

  • Conectiva Linux 4.2

  • Conectiva Linux 5.0

  • Conectiva Linux 5.1

  • Conectiva Linux 6.0

  • Debian Linux 2.2

  • Freebsd 6.2

  • Mandrakesoft Mandrake Linux 7.1

  • Mandrakesoft Mandrake Linux 7.2

  • Redhat Linux 6.1

  • Redhat Linux 6.2

  • Redhat Linux 7.0

Application

  • Redhat Linux Powertools 6.1

  • Redhat Linux Powertools 6.2

  • Redhat Linux Powertools 7.0

  • Zope 2.2.4


References

MANDRAKE - MDKSA-2000-083

DEBIAN - DSA-006-1

FREEBSD - FreeBSD-SA-01:06

XF - zope-calculate-roles

REDHAT - RHSA-2000:127

OSVDB - 6284

CONECTIVA - CLA-2000:365


Last Updated: 27 May 2016 10:36:08