GHSA-4X83-5GW5-Q346 Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers

Unspecified vulnerability in Zope Object Database ZODB before 3.8.2, when certain Zope Enterprise Objects ZEO database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...

PYSEC-2021-875

The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script Python objects. The policies defined in AccessControl severely restrict access to...

[SECURITY] Fedora 34 Update: tracker3-3.1.0~rc-1.fc34

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. It consists of a common object database that allows entities to have an almost infinite number of properties, metadata both embedded/harvested as well as user definable, a comprehensive...

Versant Object Database <= 7.0.1.3 Commands Execution Exploit

No description provided by source. Versant server = 7.0.1.3 Arbitrary Commands Execution Exploit Exploit-DB mirror: http://www.exploit-db.com/sploits/2008-versantcmd.zip milw0rm.com 2008-03-04...

Xi Graphics Maximum CDE 1.2.3,TriTeal TED CDE 4.3,Sun Solaris <= 2.5.1 ToolTalk RPC Service Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts supporting the ToolTalk service. The affected program runs on many popular...

versant-info NSE Script

Extracts information, including file paths, version and database names from a Versant object database. Example Usage nmap -p 5019 --script versant-info Script Output PORT STATE SERVICE REASON 5019/tcp open versant syn-ack | versant-info: | Hostname: WIN-S6HA7RJFAAR | Root path: C:\Versant\8 |...

Zope Object Database ZEO Server Denial of Service Vulnerability

This host is running Zope Object Database and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbzodbzeoserverdosvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Zope Object Database ZEO Server Denial of Service Vulnerability Authors: Veerendra GG Copyright: Copyright c 20...

Zope Object Database ZEO Server Denial of Service Vulnerability

Zope Object Database is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PYSEC-2010-27

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

PYSEC-2010-27

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

Race condition

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

CVE-2010-3495

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

CVE-2010-3495

Removed by vendor...

CVE-2010-3495

Race condition in ZEO/StorageServer.py in Zope Object Database ZODB before 3.10.0 allows remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpect...

Ubuntu USN-848-1 (zope3)

The remote host is missing an update to zope3 announced via advisory USN-848-1. OpenVAS Vulnerability Test $Id: ubuntu8481.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8481.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-848-1 zope3 Authors: Thomas Reinke...

Ubuntu: Security Advisory (USN-848-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-848-1: Zope vulnerabilities

It was discovered that the Zope Object Database ZODB database server ZEO improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. CVE-2009-0668 It...

CVE-2009-2701

Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...

PYSEC-2009-10

Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...

Design/Logic Flaw

Unspecified vulnerability in the Zope Enterprise Objects ZEO storage-server functionality in Zope Object Database ZODB 3.8 before 3.8.3 and 3.9.x before 3.9.0c2, when certain ZEO database sharing and blob support are enabled, allows remote authenticated users to read or delete arbitrary files via...