Search...

Debian DSA-1275-1 : zope2.7 - XSS

2007-04-10T00:00:00

ID DEBIAN_DSA-1275.NASL
Type nessus
Reporter This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
Modified 2007-04-10T00:00:00

Description

A cross-site scripting vulnerability in zope, a web application server, could allow an attacker to inject arbitrary HTML and/or JavaScript into the victim's web browser. This code would run within the security context of the web browser, potentially allowing the attacker to access private data such as authentication cookies, or to affect the rendering or behavior of zope web pages.

                                        
                                            #%NASL_MIN_LEVEL 70300

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1275. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(25009);
  script_version("1.18");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2007-0240");
  script_bugtraq_id(23084);
  script_xref(name:"DSA", value:"1275");

  script_name(english:"Debian DSA-1275-1 : zope2.7 - XSS");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A cross-site scripting vulnerability in zope, a web application
server, could allow an attacker to inject arbitrary HTML and/or
JavaScript into the victim's web browser. This code would run within
the security context of the web browser, potentially allowing the
attacker to access private data such as authentication cookies, or to
affect the rendering or behavior of zope web pages."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416500"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2007/dsa-1275"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the zope2.7 package.

For the stable distribution (sarge), this problem has been fixed in
version 2.7.5-2sarge4.

The upcoming stable distribution (etch) and the unstable distribution
(sid) include zope2.9, and this vulnerability is fixed in version
2.9.6-4etch1 for etch and 2.9.7-1 for sid."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:zope2.7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/04/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/04/10");
  script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"3.1", prefix:"zope2.7", reference:"2.7.5-2sarge4")) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "DEBIAN_DSA-1275.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-1275-1 : zope2.7 - XSS", "description": "A cross-site scripting vulnerability in zope, a web application\nserver, could allow an attacker to inject arbitrary HTML and/or\nJavaScript into the victim's web browser. This code would run within\nthe security context of the web browser, potentially allowing the\nattacker to access private data such as authentication cookies, or to\naffect the rendering or behavior of zope web pages.", "published": "2007-04-10T00:00:00", "modified": "2007-04-10T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/25009", "reporter": "This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.", "references": ["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416500", "http://www.debian.org/security/2007/dsa-1275"], "cvelist": ["CVE-2007-0240"], "type": "nessus", "lastseen": "2021-01-06T09:44:46", "edition": 26, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0240"]}, {"type": "osvdb", "idList": ["OSVDB:34366"]}, {"type": "openvas", "idList": ["OPENVAS:58327", "OPENVAS:58867"]}, {"type": "freebsd", "idList": ["34414A1E-E377-11DB-B8AB-000C76189C4C"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1275-1:E91C4"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_34414A1EE37711DBB8AB000C76189C4C.NASL", "SUSE_ZOPE-3346.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7465"]}], "modified": "2021-01-06T09:44:46", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-01-06T09:44:46", "rev": 2}, "vulnersScore": 4.9}, "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1275. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25009);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-0240\");\n script_bugtraq_id(23084);\n script_xref(name:\"DSA\", value:\"1275\");\n\n script_name(english:\"Debian DSA-1275-1 : zope2.7 - XSS\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A cross-site scripting vulnerability in zope, a web application\nserver, could allow an attacker to inject arbitrary HTML and/or\nJavaScript into the victim's web browser. This code would run within\nthe security context of the web browser, potentially allowing the\nattacker to access private data such as authentication cookies, or to\naffect the rendering or behavior of zope web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=416500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2007/dsa-1275\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zope2.7 package.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 2.7.5-2sarge4.\n\nThe upcoming stable distribution (etch) and the unstable distribution\n(sid) include zope2.9, and this vulnerability is fixed in version\n2.9.6-4etch1 for etch and 2.9.7-1 for sid.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zope2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/04/10\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"zope2.7\", reference:\"2.7.5-2sarge4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "25009", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:zope2.7"], "scheme": null}

{"cve": [{"lastseen": "2020-12-09T19:26:03", "description": "Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a HTTP GET request.", "edition": 5, "cvss3": {}, "published": "2007-03-22T18:19:00", "title": "CVE-2007-0240", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0240"], "modified": "2017-07-29T01:30:00", "cpe": ["cpe:/a:zope:zope:2.10.2"], "id": "CVE-2007-0240", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0240", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:zope:zope:2.10.2:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "cvelist": ["CVE-2007-0240"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view\n[Secunia Advisory ID:24017](https://secuniaresearch.flexerasoftware.com/advisories/24017/)\n[Secunia Advisory ID:24713](https://secuniaresearch.flexerasoftware.com/advisories/24713/)\n[Secunia Advisory ID:25239](https://secuniaresearch.flexerasoftware.com/advisories/25239/)\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00031.html\nISS X-Force ID: 33187\nFrSIRT Advisory: ADV-2007-1041\n[CVE-2007-0240](https://vulners.com/cve/CVE-2007-0240)\nBugtraq ID: 23084\n", "edition": 1, "modified": "2007-03-20T08:19:38", "published": "2007-03-20T08:19:38", "href": "https://vulners.com/osvdb/OSVDB:34366", "id": "OSVDB:34366", "title": "Zope Unspecified HTTP GET Request CSRF", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0240"], "description": "The remote host is missing an update to zope2.7\nannounced via advisory DSA 1275-1.\n\nA cross-site scripting vulnerability in zope, a web application\nserver, could allow an attacker to inject arbitrary HTML and/or\nJavaScript into the victim's web browser. This code would run within\nthe security context of the web browser, potentially allowing the\nattacker to access private data such as authentication cookies, or to\naffect the rendering or behavior of zope web pages.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:58327", "href": "http://plugins.openvas.org/nasl.php?oid=58327", "type": "openvas", "title": "Debian Security Advisory DSA 1275-1 (zope2.7)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1275_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1275-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge), this problem has been fixed in\nversion 2.7.5-2sarge4\n\nThe upcoming stable distribution (etch) and the unstable distribution\n(sid) include zope2.9, and this vulnerability is fixed in version\n2.9.6-4etch1 for etch and 2.9.7-1 for sid.\n\nWe recommend that you upgrade your zope2.7 package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201275-1\";\ntag_summary = \"The remote host is missing an update to zope2.7\nannounced via advisory DSA 1275-1.\n\nA cross-site scripting vulnerability in zope, a web application\nserver, could allow an attacker to inject arbitrary HTML and/or\nJavaScript into the victim's web browser. This code would run within\nthe security context of the web browser, potentially allowing the\nattacker to access private data such as authentication cookies, or to\naffect the rendering or behavior of zope web pages.\";\n\n\nif(description)\n{\n script_id(58327);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:17:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-0240\");\n script_bugtraq_id(23084);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 1275-1 (zope2.7)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"zope2.7\", ver:\"2.7.5-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0240"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-10-05T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:58867", "href": "http://plugins.openvas.org/nasl.php?oid=58867", "type": "openvas", "title": "FreeBSD Ports: zope", "sourceData": "#\n#VID 34414a1e-e377-11db-b8ab-000c76189c4c\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n zope\n plone\n\n=====\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view\nhttp://plone.org/products/plone/releases/2.5.3\nhttp://www.vuxml.org/freebsd/34414a1e-e377-11db-b8ab-000c76189c4c.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(58867);\n script_version(\"$Revision: 4218 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-05 16:20:48 +0200 (Wed, 05 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-0240\");\n script_bugtraq_id(23084);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: zope\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"zope\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.8\")<0) {\n txt += 'Package zope version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.8.0\")>=0 && revcomp(a:bver, b:\"2.8.8\")<=0) {\n txt += 'Package zope version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.9.0\")>=0 && revcomp(a:bver, b:\"2.9.6\")<=0) {\n txt += 'Package zope version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"2.10.0\")>=0 && revcomp(a:bver, b:\"2.10.2\")<=0) {\n txt += 'Package zope version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"plone\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.5.3\")<0) {\n txt += 'Package plone version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:36", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0240"], "description": "\nThe Zope Team reports:\n\nA vulnerability has been discovered in Zope, where by certain types\n\t of misuse of HTTP GET, an attacker could gain elevated privileges.\n\t All Zope versions up to and including 2.10.2 are affected.\n\n", "edition": 4, "modified": "2009-03-22T00:00:00", "published": "2007-01-16T00:00:00", "id": "34414A1E-E377-11DB-B8AB-000C76189C4C", "href": "https://vuxml.freebsd.org/freebsd/34414a1e-e377-11db-b8ab-000c76189c4c.html", "title": "zope -- cross-site scripting vulnerability", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-05-30T02:21:43", "bulletinFamily": "unix", "cvelist": ["CVE-2007-0240"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1275-1 security@debian.org\nhttp://www.debian.org/security/ Noah Meyerhans\nApril 02, 2007\n- ------------------------------------------------------------------------\n\nPackage : zope2.7\nVulnerability : cross-site scripting\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2007-0240\nBugTraq ID : 23084\nDebian Bug : 416500\n\nA cross-site scripting vulnerability in zope, a web application\nserver, could allow an attacker to inject arbitrary HTML and/or\nJavaScript into the victim's web browser. This code would run within\nthe security context of the web browser, potentially allowing the\nattacker to access private data such as authentication cookies, or to\naffect the rendering or behavior of zope web pages.\n\nFor the stable distribution (sarge), this problem has been fixed in\nversion 2.7.5-2sarge4\n\nThe upcoming stable distribution (etch) and the unstable distribution\n(sid) include zope2.9, and this vulnerability is fixed in version\n2.9.6-4etch1 for etch and 2.9.7-1 for sid.\n\nWe recommend that you upgrade your zope2.7 package.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian 3.1 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5.orig.tar.gz\n Size/MD5 checksum: 2885871 5b5c5823c62370d9f7325c6014a49d8b\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4.diff.gz\n Size/MD5 checksum: 56167 685e49f63b9a702081892b6ed645089f\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4.dsc\n Size/MD5 checksum: 906 8c2978255c5b9aa7306a976690f2a1b9\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_alpha.deb\n Size/MD5 checksum: 2670996 accef51032d175ec661fdf8ee24fef02\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_amd64.deb\n Size/MD5 checksum: 2662496 e7ecf995badfbb26d04a9d2226733ef0\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_arm.deb\n Size/MD5 checksum: 2616846 cf77838bf9f58c4891c0bcbcbef3e4a2\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_hppa.deb\n Size/MD5 checksum: 2737962 48289387ae5aec6619c390472a711457\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_i386.deb\n Size/MD5 checksum: 2631626 b28fa77d6ad2819f60c231181e616ebd\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_ia64.deb\n Size/MD5 checksum: 2961068 94cb9c371e891a7b9618073b85f0b15d\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_m68k.deb\n Size/MD5 checksum: 2602568 551415edf8048443e31ae622b3e4c20a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_mips.deb\n Size/MD5 checksum: 2677104 5480833a55d7d52aec4468adf05ed543\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_mipsel.deb\n Size/MD5 checksum: 2679900 bd5a007af00fdf3bc6757aee775383a2\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_powerpc.deb\n Size/MD5 checksum: 2725358 c70d786cb6616b22a409c9423d7e89f0\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_s390.deb\n Size/MD5 checksum: 2664652 3cea3d42b498e00b5e581b6068d2fa28\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge4_sparc.deb\n Size/MD5 checksum: 2672100 19dc901aa2b4da6f945f84b176224c93\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 2, "modified": "2007-04-02T00:00:00", "published": "2007-04-02T00:00:00", "id": "DEBIAN:DSA-1275-1:E91C4", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00031.html", "title": "[SECURITY] [DSA 1275-1] New zope2.7 packages fix cross-site scripting flaw", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-07T10:41:11", "description": "The Zope Team reports :\n\nA vulnerability has been discovered in Zope, where by certain types of\nmisuse of HTTP GET, an attacker could gain elevated privileges. All\nZope versions up to and including 2.10.2 are affected.", "edition": 25, "published": "2007-04-10T00:00:00", "title": "FreeBSD : zope -- XSS vulnerability (34414a1e-e377-11db-b8ab-000c76189c4c)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0240"], "modified": "2007-04-10T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:zope", "p-cpe:/a:freebsd:freebsd:plone"], "id": "FREEBSD_PKG_34414A1EE37711DBB8AB000C76189C4C.NASL", "href": "https://www.tenable.com/plugins/nessus/25015", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25015);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0240\");\n script_bugtraq_id(23084);\n\n script_name(english:\"FreeBSD : zope -- XSS vulnerability (34414a1e-e377-11db-b8ab-000c76189c4c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Zope Team reports :\n\nA vulnerability has been discovered in Zope, where by certain types of\nmisuse of HTTP GET, an attacker could gain elevated privileges. All\nZope versions up to and including 2.10.2 are affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=111119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view\"\n );\n # http://plone.org/products/plone/releases/2.5.3\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://plone.org/download\"\n );\n # https://vuxml.freebsd.org/freebsd/34414a1e-e377-11db-b8ab-000c76189c4c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?043d13af\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:plone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:zope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/04/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"zope<2.7.9_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zope>=2.8.0<=2.8.8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zope>=2.9.0<=2.9.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"zope>=2.10.0<=2.10.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"plone<2.5.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:47:24", "description": "This update fixes a cross site scripting bug (XSS) in zope\n(CVE-2007-0240).", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : zope (zope-3346)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0240"], "modified": "2007-10-17T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:zope"], "id": "SUSE_ZOPE-3346.NASL", "href": "https://www.tenable.com/plugins/nessus/27504", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update zope-3346.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27504);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-0240\");\n\n script_name(english:\"openSUSE 10 Security Update : zope (zope-3346)\");\n script_summary(english:\"Check for the zope-3346 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a cross site scripting bug (XSS) in zope\n(CVE-2007-0240).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected zope package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:zope\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"zope-2.7.8-15.11\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zope\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-1624", "CVE-2007-1607", "CVE-2007-1600", "CVE-2007-1587", "CVE-2007-1632", "CVE-2007-1617", "CVE-2007-1627", "CVE-2007-1707", "CVE-2007-1695", "CVE-2007-1616", "CVE-2007-1643", "CVE-2007-1634", "CVE-2007-1566", "CVE-2007-1615", "CVE-2007-1524", "CVE-2007-1625", "CVE-2007-1640", "CVE-2007-1651", "CVE-2007-1553", "CVE-2007-1623", "CVE-2007-1708", "CVE-2007-1715", "CVE-2007-1699", "CVE-2007-1704", "CVE-2007-1647", "CVE-2007-1612", "CVE-2007-1577", "CVE-2007-1703", "CVE-2007-1596", "CVE-2007-1633", "CVE-2007-1552", "CVE-2007-1555", "CVE-2007-1605", "CVE-2007-1606", "CVE-2007-1705", "CVE-2007-1637", "CVE-2007-1539", "CVE-2007-1712", "CVE-2007-0240", "CVE-2007-1656", "CVE-2007-1635", "CVE-2007-1652", "CVE-2007-1619", "CVE-2007-1630", "CVE-2007-1696", "CVE-2007-1629", "CVE-2007-1641", "CVE-2007-1702", "CVE-2007-1626", "CVE-2007-1604", "CVE-2007-1554", "CVE-2007-1698", "CVE-2007-1697", "CVE-2007-1706", "CVE-2007-1622", "CVE-2007-1618", "CVE-2007-1621", "CVE-2007-1636"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2007-03-25T00:00:00", "published": "2007-03-25T00:00:00", "id": "SECURITYVULNS:VULN:7465", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7465", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}