Lucene search
UbuntuUSN-229-1HistoryDec 14, 2005 - 12:00 a.m.
Zope vulnerability
2005-12-1400:00:00
ubuntu.com
31
Releases
- Ubuntu 5.10
Details
Zope did not deactivate the file inclusion feature when exposing
RestructuredText functionalities to untrusted users. A remote user
with the privilege of editing Zope webpages with RestructuredText
could exploit this to expose arbitrary files that can be read with the
privileges of the Zope server, or execute arbitrary Zope code.
References
Related
openvas
openvas
Gentoo Security Advisory GLSA 200510-20 (Zope)
2008-09-24 00:00:00
FreeBSD Ports: zope28
2008-09-04 00:00:00
Ubuntu: Security Advisory (USN-229-1)
2022-08-26 00:00:00
osv
osv
zope2.7 - design error
2005-11-24 00:00:00
nessus
nessus
Debian DSA-910-1 : zope.2.7 - design error
2006-10-14 00:00:00
GLSA-200510-20 : Zope: File inclusion through RestructuredText
2005-10-28 00:00:00
cve
cve
CVE-2005-3323
2005-10-27 10:02:00
cvelist
cvelist
CVE-2005-3323
2005-10-27 04:00:00
debian
debian
[SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion
2005-11-24 06:07:15
[SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion
2005-11-24 00:00:00
freebsd
freebsd
zope -- expose RestructuredText functionality to untrusted users
2005-10-09 00:00:00
ubuntucve
ubuntucve
CVE-2005-3323
2005-10-27 00:00:00
gentoo
gentoo
Zope: File inclusion through RestructuredText
2005-10-25 00:00:00