ID DSA-1863 Type debian Reporter Debian Modified 2009-08-15T00:00:00
Description
Several remote vulnerabilities have been discovered in the zope, a feature-rich web application server written in python, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems:
Due to a programming error an authorization method in the StorageServer component of ZEO was not used as an internal method. This allows a malicious client to bypass authentication when connecting to a ZEO server by simply calling this authorization method.
The ZEO server doesn't restrict the callables when unpickling data received from a malicious client which can be used by an attacker to execute arbitrary python code on the server by sending certain exception pickles. This also allows an attacker to import any importable module as ZEO is importing the module containing a callable specified in a pickle to test for a certain flag.
The update also limits the number of new object ids a client can request to 100 as it would be possible to consume huge amounts of resources by requesting a big batch of new object ids. No CVE id has been assigned to this.
The oldstable distribution (etch), this problem has been fixed in version 2.9.6-4etch2 of zope2.9.
For the stable distribution (lenny), this problem has been fixed in version 2.10.6-1+lenny1 of zope2.10.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 2.10.9-1 of zope2.10.
We recommend that you upgrade your zope2.10/zope2.9 packages.
{"title": "zope2.10/zope2.9 -- several vulnerabilities", "reporter": "Debian", "lastseen": "2016-09-02T18:28:05", "history": [], "modified": "2009-08-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}, "vulnersScore": 7.5}, "hash": "cd48725a361cacb183d5045e98bea9e86f3f6bad07ea370fc4200658c943abe5", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "arm", "packageFilename": "zope2.10_2.10.6-1+lenny1_arm.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "i686", "packageFilename": "zope2.10_2.10.6-1+lenny1_i386.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "mipsel", "packageFilename": "zope2.10_2.10.6-1+lenny1_mipsel.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "x86-64", "packageFilename": "zope2.10_2.10.6-1+lenny1_amd64.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "mips", "packageFilename": "zope2.9_2.9.6-4etch2_mips.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "sparc", "packageFilename": "zope2.10_2.10.6-1+lenny1_sparc.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9-sandbox", "arch": "all", "packageFilename": "zope2.9-sandbox_2.9.6-4etch2_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "mipsel", "packageFilename": "zope2.9_2.9.6-4etch2_mipsel.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "x86-64", "packageFilename": "zope2.9_2.9.6-4etch2_amd64.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "ppc", "packageFilename": "zope2.9_2.9.6-4etch2_powerpc.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "i686", "packageFilename": "zope2.9_2.9.6-4etch2_i386.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10-sandbox", "arch": "all", "packageFilename": "zope2.10-sandbox_2.10.6-1+lenny1_all.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6.orig", "operator": "lt", "packageName": "zope2.9", "arch": "src", "packageFilename": "zope2.9_2.9.6.orig.tar.gz"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "src", "packageFilename": "zope2.9_2.9.6-4etch2.dsc"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1.diff", "operator": "lt", "packageName": "zope2.10", "arch": "src", "packageFilename": "zope2.10_2.10.6-1+lenny1.diff.gz"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "s390x", "packageFilename": "zope2.9_2.9.6-4etch2_s390.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "ppc", "packageFilename": "zope2.10_2.10.6-1+lenny1_powerpc.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2.diff", "operator": "lt", "packageName": "zope2.9", "arch": "src", "packageFilename": "zope2.9_2.9.6-4etch2.diff.gz"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "sparc", "packageFilename": "zope2.9_2.9.6-4etch2_sparc.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "ia64", "packageFilename": "zope2.10_2.10.6-1+lenny1_ia64.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "s390x", "packageFilename": "zope2.10_2.10.6-1+lenny1_s390.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "hppa", "packageFilename": "zope2.10_2.10.6-1+lenny1_hppa.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "armel", "packageFilename": "zope2.10_2.10.6-1+lenny1_armel.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "alpha", "packageFilename": "zope2.10_2.10.6-1+lenny1_alpha.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "ia64", "packageFilename": "zope2.9_2.9.6-4etch2_ia64.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "hppa", "packageFilename": "zope2.9_2.9.6-4etch2_hppa.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6.orig", "operator": "lt", "packageName": "zope2.10", "arch": "src", "packageFilename": "zope2.10_2.10.6.orig.tar.gz"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "arm", "packageFilename": "zope2.9_2.9.6-4etch2_arm.deb"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.10.6-1+lenny1", "operator": "lt", "packageName": "zope2.10", "arch": "src", "packageFilename": "zope2.10_2.10.6-1+lenny1.dsc"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.9.6-4etch2", "operator": "lt", "packageName": "zope2.9", "arch": "alpha", "packageFilename": "zope2.9_2.9.6-4etch2_alpha.deb"}], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "viewCount": 0, "objectVersion": "1.2", "edition": 1, "description": "Several remote vulnerabilities have been discovered in the zope, a feature-rich web application server written in python, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems:\n\n * [CVE-2009-0668](<https://security-tracker.debian.org/tracker/CVE-2009-0668>)\n\nDue to a programming error an authorization method in the StorageServer component of ZEO was not used as an internal method. This allows a malicious client to bypass authentication when connecting to a ZEO server by simply calling this authorization method.\n\n * [CVE-2009-0668](<https://security-tracker.debian.org/tracker/CVE-2009-0668>)\n\nThe ZEO server doesn't restrict the callables when unpickling data received from a malicious client which can be used by an attacker to execute arbitrary python code on the server by sending certain exception pickles. This also allows an attacker to import any importable module as ZEO is importing the module containing a callable specified in a pickle to test for a certain flag.\n\n * The update also limits the number of new object ids a client can request to 100 as it would be possible to consume huge amounts of resources by requesting a big batch of new object ids. No CVE id has been assigned to this.\n\nThe oldstable distribution (etch), this problem has been fixed in version 2.9.6-4etch2 of zope2.9.\n\nFor the stable distribution (lenny), this problem has been fixed in version 2.10.6-1+lenny1 of zope2.10.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.10.9-1 of zope2.10.\n\nWe recommend that you upgrade your zope2.10/zope2.9 packages.", "type": "debian", "references": [], "href": "http://www.debian.org/security/dsa-1863", "published": "2009-08-15T00:00:00", "bulletinFamily": "unix", "id": "DSA-1863"}
{"cve": [{"lastseen": "2017-08-17T11:14:14", "references": ["http://www.vupen.com/english/advisories/2009/2217", "http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html", "http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2", "http://www.securityfocus.com/bid/35987", "https://exchange.xforce.ibmcloud.com/vulnerabilities/52379"], "description": "Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to bypass authentication via vectors involving the ZEO network protocol.", "edition": 2, "reporter": "NVD", "published": "2009-08-07T15:30:00", "title": "CVE-2009-0669", "type": "cve", "enchantments": {"score": {"modified": "2017-08-17T11:14:14", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-0669"], "scanner": [], "modified": "2017-08-16T21:29:58", "cpe": ["cpe:/a:zope:zodb:3.8", "cpe:/a:zope:zodb:3.8.1", "cpe:/a:zope:zodb:3.8.0"], "id": "CVE-2009-0669", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0669", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-08-17T11:14:14", "references": ["http://www.vupen.com/english/advisories/2009/2217", "http://mail.zope.org/pipermail/zope-announce/2009-August/002220.html", "http://pypi.python.org/pypi/ZODB3/3.8.2#whats-new-in-zodb-3-8-2", "http://www.securityfocus.com/bid/35987", "https://exchange.xforce.ibmcloud.com/vulnerabilities/52377"], "description": "Unspecified vulnerability in Zope Object Database (ZODB) before 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol.", "edition": 2, "reporter": "NVD", "published": "2009-08-07T15:30:00", "title": "CVE-2009-0668", "type": "cve", "enchantments": {"score": {"modified": "2017-08-17T11:14:14", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-0668"], "scanner": [], "modified": "2017-08-16T21:29:58", "cpe": ["cpe:/a:zope:zodb:3.1.1", "cpe:/a:zope:zodb:3.2.4", "cpe:/a:zope:zodb:2.8.11", "cpe:/a:zope:zodb:3.2", "cpe:/a:zope:zodb:3.4.1", "cpe:/a:zope:zodb:2.10.9", "cpe:/a:zope:zodb:3.5", "cpe:/a:zope:zodb:3.6", "cpe:/a:zope:zodb:3.8.1", "cpe:/a:zope:zodb:3.1", "cpe:/a:zope:zodb:3.8.0", "cpe:/a:zope:zodb:3.3.3", "cpe:/a:zope:zodb:3.3", "cpe:/a:zope:zodb:3.7", "cpe:/a:zope:zodb:2.11.4", "cpe:/a:zope:zodb:2.9.11", "cpe:/a:zope:zodb:3.4"], "id": "CVE-2009-0668", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0668", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2016-09-02T18:36:12", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1:3.6.0-2+lenny3", "packageFilename": "zodb_1:3.6.0-2+lenny3_all.deb", "packageName": "zodb", "arch": "all", "operator": "lt"}], "description": "Several remote vulnerabilities have been discovered in python-zodb, a set of tools for using ZODB, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2009-0668](<https://security-tracker.debian.org/tracker/CVE-2009-0668>)\n\nThe ZEO server doesn't restrict the callables when unpickling data received from a malicious client which can be used by an attacker to execute arbitrary Python code on the server by sending certain exception pickles. This also allows an attacker to import any importable module as ZEO is importing the module containing a callable specified in a pickle to test for a certain flag.\n\n * [CVE-2009-0669](<https://security-tracker.debian.org/tracker/CVE-2009-0669>)\n\nDue to a programming error, an authorization method in the StorageServer component of ZEO was not used as an internal method. This allows a malicious client to bypass authentication when connecting to a ZEO server by simply calling this authorization method.\n\nThe update also limits the number of new object ids a client can request to 100 as it would be possible to consume huge amounts of resources by requesting a big batch of new object ids. No CVE id has been assigned to this.\n\nFor the oldstable distribution (lenny), this problem has been fixed in version 1:3.6.0-2+lenny3.\n\nThe stable distribution (squeeze) is not affected, it was fixed before the initial release.\n\nFor the unstable distribution (sid), this problem has been fixed in version 1:3.8.2-1.\n\nWe recommend that you upgrade your zodb packages.", "edition": 1, "reporter": "Debian", "published": "2011-05-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "debian", "title": "zodb -- several vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2011-05-10T00:00:00", "id": "DSA-2234", "href": "http://www.debian.org/security/dsa-2234", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-12-04T11:28:02", "references": ["http://www.ubuntu.com/usn/usn-848-1/"], "pluginID": "66062", "description": "The remote host is missing an update to zope3\nannounced via advisory USN-848-1.", "edition": 3, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-19T00:00:00", "title": "Ubuntu USN-848-1 (zope3)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66062", "id": "OPENVAS:66062", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_848_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_848_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-848-1 (zope3)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n zope3 3.2.1-1ubuntu1.2\n\nUbuntu 8.04 LTS:\n zope3 3.3.1-5ubuntu2.2\n\nUbuntu 8.10:\n zope3 3.3.1-7ubuntu0.2\n\nUbuntu 9.04:\n zope3 3.4.0-0ubuntu3.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-848-1\";\n\ntag_insight = \"It was discovered that the Zope Object Database (ZODB) database server\n(ZEO) improperly filtered certain commands when a database is shared among\nmultiple applications or application instances. A remote attacker could\nsend malicious commands to the server and execute arbitrary code.\n(CVE-2009-0668)\n\nIt was discovered that the Zope Object Database (ZODB) database server\n(ZEO) did not handle authentication properly when a database is shared\namong multiple applications or application instances. A remote attacker\ncould use this flaw to bypass security restrictions. (CVE-2009-0669)\n\nIt was discovered that Zope did not limit the number of new object ids a\nclient could request. A remote attacker could use this flaw to consume a\nhuge amount of resources, leading to a denial of service. (No CVE\nidentifier)\";\ntag_summary = \"The remote host is missing an update to zope3\nannounced via advisory USN-848-1.\";\n\n \n\n\nif(description)\n{\n script_id(66062);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-19 21:50:22 +0200 (Mon, 19 Oct 2009)\");\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu USN-848-1 (zope3)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-848-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface\", ver:\"3.2.1-1ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-sandbox\", ver:\"3.2.1-1ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-doc\", ver:\"3.2.1-1ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-zopeinterface\", ver:\"3.2.1-1ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3\", ver:\"3.2.1-1ubuntu1.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-doc\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-sandbox\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface-dbg\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-dbg\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3\", ver:\"3.3.1-5ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-doc\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-sandbox\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface-dbg\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-dbg\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3\", ver:\"3.3.1-7ubuntu0.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-doc\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-sandbox\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface-dbg\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-zopeinterface\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3-dbg\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope3\", ver:\"3.4.0-0ubuntu3.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:04:56", "references": [], "pluginID": "136141256231069732", "description": "The remote host is missing an update to zodb\nannounced via advisory DSA 2234-1.", "edition": 3, "reporter": "Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com", "published": "2011-08-03T00:00:00", "title": "Debian Security Advisory DSA 2234-1 (zodb)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231069732", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069732", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2234_1.nasl 9351 2018-04-06 07:05:43Z cfischer $\n# Description: Auto-generated from advisory DSA 2234-1 (zodb)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in python-zodb, a set of\ntools for using ZODB, that could lead to arbitrary code execution in the worst\ncase. The Common Vulnerabilities and Exposures project identified the following\nproblems:\n\nCVE-2009-0668\n\nThe ZEO server doesn't restrict the callables when unpickling data\nreceived from a malicious client which can be used by an attacker to execute\narbitrary python code on the server by sending certain exception pickles. This\nalso allows an attacker to import any importable module as ZEO is importing the\nmodule containing a callable specified in a pickle to test for a certain flag.\n\nCVE-2009-0669\n\nDue to a programming error an authorization method in the StorageServer\ncomponent of ZEO was not used as an internal method. This allows a malicious\nclient to bypass authentication when connecting to a ZEO server by simply\ncalling this authorization method.\n\nThe update also limits the number of new object ids a client can request\nto 100 as it would be possible to consume huge amounts of resources by\nrequesting a big batch of new object ids. No CVE id has been assigned to this.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:3.6.0-2+lenny3.\n\nThe stable distribution (squeeze) is not affected, it was fixed before\nthe initial release.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:3.8.2-1.\n\nWe recommend that you upgrade your zodb packages.\";\ntag_summary = \"The remote host is missing an update to zodb\nannounced via advisory DSA 2234-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202234-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69732\");\n script_version(\"$Revision: 9351 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:05:43 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_name(\"Debian Security Advisory DSA 2234-1 (zodb)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"4-zodb\", ver:\"1:3.6.0-2+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:15", "references": [], "pluginID": "136141256231064746", "description": "The remote host is missing an update to zope2.10/zope2.9\nannounced via advisory DSA 1863-1.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064746", "id": "OPENVAS:136141256231064746", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1863_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1863-1 (zope2.10/zope2.9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the zope,\na feature-rich web application server written in python, that could\nlead to arbitrary code execution in the worst case. The Common\nVulnerabilities and Exposures project identified the following problems:\n\nDue to a programming error an authorization method in the StorageServer\ncomponent of ZEO was not used as an internal method. This allows a\nmalicious client to bypass authentication when connecting to a ZEO server\nby simply calling this authorization method (CVE-2009-0668).\n\nThe ZEO server doesn't restrict the callables when unpickling data received\nfrom a malicious client which can be used by an attacker to execute\narbitrary python code on the server by sending certain exception pickles.\nThis also allows an attacker to import any importable module as ZEO is\nimporting the module containing a callable specified in a pickle to test\nfor a certain flag (CVE-2009-0668).\n\nThe update also limits the number of new object ids a client can request\nto 100 as it would be possible to consume huge amounts of resources by\nrequesting a big batch of new object ids. No CVE id has been assigned to\nthis.\n\n\nThe oldstable distribution (etch), this problem has been fixed in\nversion 2.9.6-4etch2 of zope2.9.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.10.6-1+lenny1 of zope2.10.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.10.9-1 of zope2.10.\n\n\nWe recommend that you upgrade your zope2.10/zope2.9 packages.\";\ntag_summary = \"The remote host is missing an update to zope2.10/zope2.9\nannounced via advisory DSA 1863-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201863-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64746\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"zope2.9-sandbox\", ver:\"2.9.6-4etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.9\", ver:\"2.9.6-4etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.10-sandbox\", ver:\"2.10.6-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.10\", ver:\"2.10.6-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:55:52", "references": [], "pluginID": "69732", "description": "The remote host is missing an update to zodb\nannounced via advisory DSA 2234-1.", "edition": 2, "reporter": "Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com", "published": "2011-08-03T00:00:00", "title": "Debian Security Advisory DSA 2234-1 (zodb)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=69732", "id": "OPENVAS:69732", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2234_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2234-1 (zodb)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in python-zodb, a set of\ntools for using ZODB, that could lead to arbitrary code execution in the worst\ncase. The Common Vulnerabilities and Exposures project identified the following\nproblems:\n\nCVE-2009-0668\n\nThe ZEO server doesn't restrict the callables when unpickling data\nreceived from a malicious client which can be used by an attacker to execute\narbitrary python code on the server by sending certain exception pickles. This\nalso allows an attacker to import any importable module as ZEO is importing the\nmodule containing a callable specified in a pickle to test for a certain flag.\n\nCVE-2009-0669\n\nDue to a programming error an authorization method in the StorageServer\ncomponent of ZEO was not used as an internal method. This allows a malicious\nclient to bypass authentication when connecting to a ZEO server by simply\ncalling this authorization method.\n\nThe update also limits the number of new object ids a client can request\nto 100 as it would be possible to consume huge amounts of resources by\nrequesting a big batch of new object ids. No CVE id has been assigned to this.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:3.6.0-2+lenny3.\n\nThe stable distribution (squeeze) is not affected, it was fixed before\nthe initial release.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:3.8.2-1.\n\nWe recommend that you upgrade your zodb packages.\";\ntag_summary = \"The remote host is missing an update to zodb\nannounced via advisory DSA 2234-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202234-1\";\n\n\nif(description)\n{\n script_id(69732);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_name(\"Debian Security Advisory DSA 2234-1 (zodb)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"4-zodb\", ver:\"1:3.6.0-2+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:24", "references": [], "pluginID": "64746", "description": "The remote host is missing an update to zope2.10/zope2.9\nannounced via advisory DSA 1863-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64746", "id": "OPENVAS:64746", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1863_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1863-1 (zope2.10/zope2.9)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the zope,\na feature-rich web application server written in python, that could\nlead to arbitrary code execution in the worst case. The Common\nVulnerabilities and Exposures project identified the following problems:\n\nDue to a programming error an authorization method in the StorageServer\ncomponent of ZEO was not used as an internal method. This allows a\nmalicious client to bypass authentication when connecting to a ZEO server\nby simply calling this authorization method (CVE-2009-0668).\n\nThe ZEO server doesn't restrict the callables when unpickling data received\nfrom a malicious client which can be used by an attacker to execute\narbitrary python code on the server by sending certain exception pickles.\nThis also allows an attacker to import any importable module as ZEO is\nimporting the module containing a callable specified in a pickle to test\nfor a certain flag (CVE-2009-0668).\n\nThe update also limits the number of new object ids a client can request\nto 100 as it would be possible to consume huge amounts of resources by\nrequesting a big batch of new object ids. No CVE id has been assigned to\nthis.\n\n\nThe oldstable distribution (etch), this problem has been fixed in\nversion 2.9.6-4etch2 of zope2.9.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.10.6-1+lenny1 of zope2.10.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.10.9-1 of zope2.10.\n\n\nWe recommend that you upgrade your zope2.10/zope2.9 packages.\";\ntag_summary = \"The remote host is missing an update to zope2.10/zope2.9\nannounced via advisory DSA 1863-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201863-1\";\n\n\nif(description)\n{\n script_id(64746);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1863-1 (zope2.10/zope2.9)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"zope2.9-sandbox\", ver:\"2.9.6-4etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.9\", ver:\"2.9.6-4etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.10-sandbox\", ver:\"2.10.6-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"zope2.10\", ver:\"2.10.6-1+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-02T00:07:54", "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540465", "http://www.debian.org/security/2011/dsa-2234", "https://security-tracker.debian.org/tracker/CVE-2009-0669", "https://security-tracker.debian.org/tracker/CVE-2009-0668"], "pluginID": "53861", "description": "Several remote vulnerabilities have been discovered in python-zodb, a set of tools for using ZODB, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0668 The ZEO server doesn't restrict the callables when unpickling data received from a malicious client which can be used by an attacker to execute arbitrary Python code on the server by sending certain exception pickles.\n This also allows an attacker to import any importable module as ZEO is importing the module containing a callable specified in a pickle to test for a certain flag.\n\n - CVE-2009-0669 Due to a programming error, an authorization method in the StorageServer component of ZEO was not used as an internal method. This allows a malicious client to bypass authentication when connecting to a ZEO server by simply calling this authorization method.\n\nThe update also limits the number of new object ids a client can request to 100 as it would be possible to consume huge amounts of resources by requesting a big batch of new object ids. No CVE id has been assigned to this.", "edition": 6, "reporter": "Tenable", "published": "2011-05-11T00:00:00", "title": "Debian DSA-2234-1 : zodb - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:zodb"], "id": "DEBIAN_DSA-2234.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53861", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2234. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53861);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/09 14:30:24\");\n\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_bugtraq_id(35987);\n script_xref(name:\"DSA\", value:\"2234\");\n\n script_name(english:\"Debian DSA-2234-1 : zodb - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in python-zodb, a\nset of tools for using ZODB, that could lead to arbitrary code\nexecution in the worst case. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2009-0668\n The ZEO server doesn't restrict the callables when\n unpickling data received from a malicious client which\n can be used by an attacker to execute arbitrary Python\n code on the server by sending certain exception pickles.\n This also allows an attacker to import any importable\n module as ZEO is importing the module containing a\n callable specified in a pickle to test for a certain\n flag.\n\n - CVE-2009-0669\n Due to a programming error, an authorization method in\n the StorageServer component of ZEO was not used as an\n internal method. This allows a malicious client to\n bypass authentication when connecting to a ZEO server by\n simply calling this authorization method.\n\nThe update also limits the number of new object ids a client can\nrequest to 100 as it would be possible to consume huge amounts of\nresources by requesting a big batch of new object ids. No CVE id has\nbeen assigned to this.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2011/dsa-2234\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zodb packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1:3.6.0-2+lenny3.\n\nThe stable distribution (squeeze) is not affected, it was fixed before\nthe initial release.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zodb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"zodb\", reference:\"1:3.6.0-2+lenny3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:37:03", "references": ["http://www.debian.org/security/2009/dsa-1863", "https://security-tracker.debian.org/tracker/CVE-2009-0668", "https://security-tracker.debian.org/tracker/CVE-2009-0668"], "pluginID": "44728", "description": "Several remote vulnerabilities have been discovered in the zope, a feature-rich web application server written in python, that could lead to arbitrary code execution in the worst case. The Common Vulnerabilities and Exposures project identified the following problems :\n\n - CVE-2009-0668 Due to a programming error an authorization method in the StorageServer component of ZEO was not used as an internal method. This allows a malicious client to bypass authentication when connecting to a ZEO server by simply calling this authorization method.\n\n - CVE-2009-0668 The ZEO server doesn't restrict the callables when unpickling data received from a malicious client which can be used by an attacker to execute arbitrary python code on the server by sending certain exception pickles.\n This also allows an attacker to import any importable module as ZEO is importing the module containing a callable specified in a pickle to test for a certain flag.\n\n - The update also limits the number of new object ids a client can request to 100 as it would be possible to consume huge amounts of resources by requesting a big batch of new object ids. No CVE id has been assigned to this.\n\nThe oldstable distribution (etch), this problem has been fixed in version 2.9.6-4etch2 of zope2.9.", "edition": 6, "reporter": "Tenable", "published": "2010-02-24T00:00:00", "title": "Debian DSA-1863-1 : zope2.10/zope2.9 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:zope2.9"], "id": "DEBIAN_DSA-1863.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=44728", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1863. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44728);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/09 14:30:24\");\n\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_bugtraq_id(35987);\n script_xref(name:\"DSA\", value:\"1863\");\n\n script_name(english:\"Debian DSA-1863-1 : zope2.10/zope2.9 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in the zope, a\nfeature-rich web application server written in python, that could lead\nto arbitrary code execution in the worst case. The Common\nVulnerabilities and Exposures project identified the following\nproblems :\n\n - CVE-2009-0668\n Due to a programming error an authorization method in\n the StorageServer component of ZEO was not used as an\n internal method. This allows a malicious client to\n bypass authentication when connecting to a ZEO server by\n simply calling this authorization method.\n\n - CVE-2009-0668\n The ZEO server doesn't restrict the callables when\n unpickling data received from a malicious client which\n can be used by an attacker to execute arbitrary python\n code on the server by sending certain exception pickles.\n This also allows an attacker to import any importable\n module as ZEO is importing the module containing a\n callable specified in a pickle to test for a certain\n flag.\n\n - The update also limits the number of new object ids a\n client can request to 100 as it would be possible to\n consume huge amounts of resources by requesting a big\n batch of new object ids. No CVE id has been assigned to\n this.\n\nThe oldstable distribution (etch), this problem has been fixed in\nversion 2.9.6-4etch2 of zope2.9.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1863\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zope2.10/zope2.9 packages.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.10.6-1+lenny1 of zope2.10.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zope2.9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"zope2.9\", reference:\"2.9.6-4etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"zope2.9-sandbox\", reference:\"2.9.6-4etch2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"zope2.10\", reference:\"2.10.6-1+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"zope2.10-sandbox\", reference:\"2.10.6-1+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:41:55", "references": [], "pluginID": "42146", "description": "It was discovered that the Zope Object Database (ZODB) database server (ZEO) improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. (CVE-2009-0668)\n\nIt was discovered that the Zope Object Database (ZODB) database server (ZEO) did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions.\n(CVE-2009-0669)\n\nIt was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of service.\n(No CVE identifier).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-10-15T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : zope3 vulnerabilities (USN-848-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2016-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python-zopeinterface", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python-zopeinterface-dbg", "p-cpe:/a:canonical:ubuntu_linux:zope3-dbg", "p-cpe:/a:canonical:ubuntu_linux:python2.4-zopeinterface", "p-cpe:/a:canonical:ubuntu_linux:zope3-sandbox", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:zope3-doc", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:zope3"], "id": "UBUNTU_USN-848-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42146", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-848-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42146);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/01 21:21:52 $\");\n\n script_cve_id(\"CVE-2009-0668\", \"CVE-2009-0669\");\n script_bugtraq_id(35987);\n script_xref(name:\"USN\", value:\"848-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : zope3 vulnerabilities (USN-848-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the Zope Object Database (ZODB) database server\n(ZEO) improperly filtered certain commands when a database is shared\namong multiple applications or application instances. A remote\nattacker could send malicious commands to the server and execute\narbitrary code. (CVE-2009-0668)\n\nIt was discovered that the Zope Object Database (ZODB) database server\n(ZEO) did not handle authentication properly when a database is shared\namong multiple applications or application instances. A remote\nattacker could use this flaw to bypass security restrictions.\n(CVE-2009-0669)\n\nIt was discovered that Zope did not limit the number of new object ids\na client could request. A remote attacker could use this flaw to\nconsume a huge amount of resources, leading to a denial of service.\n(No CVE identifier).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(94, 287);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-zopeinterface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-zopeinterface-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-zopeinterface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:zope3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:zope3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:zope3-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:zope3-sandbox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2016 Canonical, Inc. / NASL script (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python-zopeinterface\", pkgver:\"3.2.1-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-zopeinterface\", pkgver:\"3.2.1-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"zope3\", pkgver:\"3.2.1-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"zope3-doc\", pkgver:\"3.2.1-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"zope3-sandbox\", pkgver:\"3.2.1-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python-zopeinterface\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python-zopeinterface-dbg\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"zope3\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"zope3-dbg\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"zope3-doc\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"zope3-sandbox\", pkgver:\"3.3.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python-zopeinterface\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python-zopeinterface-dbg\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"zope3\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"zope3-dbg\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"zope3-doc\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"zope3-sandbox\", pkgver:\"3.3.1-7ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"python-zopeinterface\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"python-zopeinterface-dbg\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"zope3\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"zope3-dbg\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"zope3-doc\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"zope3-sandbox\", pkgver:\"3.4.0-0ubuntu3.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-zopeinterface / python-zopeinterface-dbg / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:31", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1863-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nAugust 15th, 2009 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : zope2.10/zope2.9\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE IDs : CVE-2009-0668 CVE-2009-0669\r\n\r\nSeveral remote vulnerabilities have been discovered in the zope,\r\na feature-rich web application server written in python, that could\r\nlead to arbitrary code execution in the worst case. The Common\r\nVulnerabilities and Exposures project identified the following problems:\r\n\r\nDue to a programming error an authorization method in the StorageServer\r\ncomponent of ZEO was not used as an internal method. This allows a\r\nmalicious client to bypass authentication when connecting to a ZEO server\r\nby simply calling this authorization method (CVE-2009-0668).\r\n\r\nThe ZEO server doesn't restrict the callables when unpickling data received\r\nfrom a malicious client which can be used by an attacker to execute\r\narbitrary python code on the server by sending certain exception pickles.\r\nThis also allows an attacker to import any importable module as ZEO is\r\nimporting the module containing a callable specified in a pickle to test\r\nfor a certain flag (CVE-2009-0668).\r\n\r\nThe update also limits the number of new object ids a client can request\r\nto 100 as it would be possible to consume huge amounts of resources by\r\nrequesting a big batch of new object ids. No CVE id has been assigned to\r\nthis.\r\n\r\n\r\nThe oldstable distribution (etch), this problem has been fixed in\r\nversion 2.9.6-4etch2 of zope2.9.\r\n\r\nFor the stable distribution (lenny), this problem has been fixed in\r\nversion 2.10.6-1+lenny1 of zope2.10.\r\n\r\nFor the testing distribution (squeeze), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 2.10.9-1 of zope2.10.\r\n\r\n\r\nWe recommend that you upgrade your zope2.10/zope2.9 packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nDebian (oldstable)\r\n- ------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2.diff.gz\r\n Size/MD5 checksum: 17874 3702a3e4a4519b57a12c7cccc164cf47\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2.dsc\r\n Size/MD5 checksum: 878 d9acba8fb8981d626357ef9d22dc19e5\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6.orig.tar.gz\r\n Size/MD5 checksum: 6977379 e26b1a97ba98194cb6624085aff6abd0\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9-sandbox_2.9.6-4etch2_all.deb\r\n Size/MD5 checksum: 11916 48f2c56b9372820369fa91bef4f5559a\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_alpha.deb\r\n Size/MD5 checksum: 7027386 3d2cab8478b4eb10beaddcc3362c08fb\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_amd64.deb\r\n Size/MD5 checksum: 6992354 cc82b279f1ad82a1d076a6fa3c780d2e\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_arm.deb\r\n Size/MD5 checksum: 6960068 83358a26ad9ae79722835d0ec951d4ac\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_hppa.deb\r\n Size/MD5 checksum: 7041070 d756089b92f0a69f8b1eaff2491fb95c\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_i386.deb\r\n Size/MD5 checksum: 6956416 4e5fe78df1d7af6369ff82d1e7dec1db\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_ia64.deb\r\n Size/MD5 checksum: 7112962 b6ff6326566e61bea15d0a5bd678dfb2\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_mips.deb\r\n Size/MD5 checksum: 6991206 241e11931a821606564ebb76c7b0e8b6\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_mipsel.deb\r\n Size/MD5 checksum: 6932122 df0e0efcd5ae42b0a80761e6ec74c228\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_powerpc.deb\r\n Size/MD5 checksum: 7049416 5361f987828c2080acd197d7967c7748\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_s390.deb\r\n Size/MD5 checksum: 6959454 0e5f8141533ae484631045be58a40731\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.9/zope2.9_2.9.6-4etch2_sparc.deb\r\n Size/MD5 checksum: 6965468 54d47f6b31654b925bbbc63adc6d04f2\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nDebian (stable)\r\n- ---------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6.orig.tar.gz\r\n Size/MD5 checksum: 7263938 6e983f0e5a0f6f1eedf347038e09b571\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1.dsc\r\n Size/MD5 checksum: 1356 79b85989ea078482571388ac9847f0dd\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1.diff.gz\r\n Size/MD5 checksum: 14698 ad40802de32fbe651eb5a0efac571cd5\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10-sandbox_2.10.6-1+lenny1_all.deb\r\n Size/MD5 checksum: 179592 5011d75ba94a95bbc9162fe7489f032c\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_alpha.deb\r\n Size/MD5 checksum: 7096336 12b145509ac83da642f1bc5d6776c9e7\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_amd64.deb\r\n Size/MD5 checksum: 7060682 d4244d62ff01cbc4c4f74e97bc5cff06\r\n\r\narm architecture (ARM)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_arm.deb\r\n Size/MD5 checksum: 7036812 2d675eeac62d10a125b5a452446ed418\r\n\r\narmel architecture (ARM EABI)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_armel.deb\r\n Size/MD5 checksum: 7030436 acc8ea9724b4a4ef5ffefca0b27a70e4\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_hppa.deb\r\n Size/MD5 checksum: 7115728 2747a7f8e0272049db49019dd1aff96a\r\n\r\ni386 architecture (Intel ia32)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_i386.deb\r\n Size/MD5 checksum: 7039162 e213bd938294ac334027c208f1517560\r\n\r\nia64 architecture (Intel ia64)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_ia64.deb\r\n Size/MD5 checksum: 7191926 4a2f5fcf4e45214835ac7193ee797052\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_mipsel.deb\r\n Size/MD5 checksum: 7004356 cea17ee62248140b5b913d2f882d6b2d\r\n\r\npowerpc architecture (PowerPC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_powerpc.deb\r\n Size/MD5 checksum: 7091444 a58d2370ecf2f87308c038d1ccea6908\r\n\r\ns390 architecture (IBM S/390)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_s390.deb\r\n Size/MD5 checksum: 7039020 94363ee0521c6e388cdb2d40ddc80f34\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.debian.org/pool/updates/main/z/zope2.10/zope2.10_2.10.6-1+lenny1_sparc.deb\r\n Size/MD5 checksum: 7026956 c4716557a89f405d5fd2424ae42095b0\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niEYEARECAAYFAkqG2pAACgkQHYflSXNkfP+EWwCeNApiKX0ynYQYE7M8VkPEXAa8\r\n7e8AnjWfjhjCMd2A2a6swF1BMGsGAXd4\r\n=eItf\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2009-08-17T00:00:00", "title": "[SECURITY] [DSA 1863-1] New zope2.10/zope2.9 packages fix arbitrary code execution", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:31", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2009-08-17T00:00:00", "id": "SECURITYVULNS:DOC:22329", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22329", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:33", "references": ["https://vulners.com/securityvulns/securityvulns:doc:22329", "https://vulners.com/securityvulns/securityvulns:doc:22328", "https://vulners.com/securityvulns/securityvulns:doc:22327"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "reporter": " ", "published": "2009-08-17T00:00:00", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:33", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "zope", "version": "2.9", "operator": "eq"}, {"name": "Piwigo", "version": "2.0", "operator": "eq"}, {"name": "zope", "version": "2.10", "operator": "eq"}, {"name": "DUGallery", "version": "3.0", "operator": "eq"}], "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2009-08-17T00:00:00", "id": "SECURITYVULNS:VULN:10153", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10153", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:17", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0668", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0669"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.4.0-0ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "zope3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "3.2.1-1ubuntu1.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "zope3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.3.1-5ubuntu2.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "zope3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "3.3.1-7ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "zope3", "operator": "lt"}], "description": "It was discovered that the Zope Object Database (ZODB) database server (ZEO) improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. (CVE-2009-0668)\n\nIt was discovered that the Zope Object Database (ZODB) database server (ZEO) did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions. (CVE-2009-0669)\n\nIt was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of service. (No CVE identifier)", "edition": 3, "reporter": "Ubuntu", "published": "2009-10-14T00:00:00", "title": "Zope vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0668", "CVE-2009-0669"], "modified": "2009-10-14T00:00:00", "id": "USN-848-1", "href": "https://usn.ubuntu.com/848-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
