6 matches found
Debian DSA-1176-1 : zope2.7 - programming error
It was discovered that the Zope web application server does not disable the csvtable directive in web pages containing ReST markup, allowing the exposure of files readable by the Zope server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
CVE-2006-4684
The docutils module in Zope Zope2 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText reST markup, which allows remote attackers to read arbitrary files via a csvtable directive, a different vulnerability than CVE-2006-3458...
CVE-2006-4684
The docutils module in Zope Zope2 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText reST markup, which allows remote attackers to read arbitrary files via a csvtable directive, a different vulnerability than CVE-2006-3458...
CVE-2006-4684
CVE-2006-4684 details (Zope/Zope2, docutils integration): Affects Zope 2.7.0–2.7.9 and 2.8.0–2.8.8. The vulnerability stems from improper handling of reStructuredText (reST) in web pages, allowing a remote attacker to read arbitrary files via a csv_table directive. CVSSv2 base metrics reported: A...
[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1176-1] New zope2.7 packages fix information disclosure
-------------------------------------------------------------------------- Debian Security Advisory DSA 1176-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 13th, 2006 http://www.debian.org/security/faq -...