Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200510-20] Zope: File inclusion through RestructuredText

Vulnerability Assessment Details

[GLSA-200510-20] Zope: File inclusion through RestructuredText
Vulnerability Assessment Summary
Zope: File inclusion through RestructuredText

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200510-20
(Zope: File inclusion through RestructuredText)


Zope honors file inclusion directives in RestructuredText objects
by default.

Impact

A possible hacker could exploit the vulnerability by sending malicious
input that would be interpreted in a RestructuredText Zope object,
potentially resulting in the execution of arbitrary Zope code with the
rights of the Zope server.

Workaround

There is no known workaround at this time.

References:
http://www.zope.org/Products/Zope/Hotfix_2005-10-09/security_alert


Solution:
All Zope users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose net-zope/zope


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2005 Michel Arboi
Cables, Connectors


NEW Original OEM 60W Power Adapter Charger A1344 for APPLE 13

NEW Original OEM 60W Power Adapter Charger A1344 for APPLE 13" MacBook Pro A1278

$22.24


85W OEM NEW Power Adapter Charger For Apple Macbook Pro 13 15

85W OEM NEW Power Adapter Charger For Apple Macbook Pro 13 15" A1424 A1502 A1398

$24.24


Original OEM 87W USB-C Power Adapter Charger for Apple MacBook Pro 15

Original OEM 87W USB-C Power Adapter Charger for Apple MacBook Pro 15" 13" A1719

$28.44


OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver picture

OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver

$140.99


Genuine Apple A1718 61W USB-C Power Adapter Apple OEM CHARGER picture

Genuine Apple A1718 61W USB-C Power Adapter Apple OEM CHARGER

$24.99


Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White picture

Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White

$10.95


OEM 61W USB C Type C Adapter Charger for Apple MacBook PRO 13

OEM 61W USB C Type C Adapter Charger for Apple MacBook PRO 13" A1718 + Cable NEW

$23.00


APPLE OEM Original Cinema Display (Aluminum) Power Supply AC Adapter 65w or 90w picture

APPLE OEM Original Cinema Display (Aluminum) Power Supply AC Adapter 65w or 90w

$13.99


OEM 30W USB-C Power Adapter Charger for apple MacBook Air iPhone 11 12 Pro +Cord picture

OEM 30W USB-C Power Adapter Charger for apple MacBook Air iPhone 11 12 Pro +Cord

$22.89


OEM 45W Charger Adapter Supply Power for Apple Macbook Air A1465 A1466 2012-2017 picture

OEM 45W Charger Adapter Supply Power for Apple Macbook Air A1465 A1466 2012-2017

$8.99


Discussions

No Discussions have been posted on this vulnerability.