Zope Image and File Update Data Protection Bypass

This script is Copyright (C) 2000-2014 Tenable Network Security, Inc.

Synopsis :

The remote web server contains an application server that fails to
protect stored content from modification by remote users.

Description :

According to its banner, the remote web server is Zope < 2.2.5. Such
versions suffer from a security issue involving incorrect protection
of a data updating method on Image and File objects. Because the
method is not correctly protected, it is possible for users with DTML
editing privileges to update the raw data of a File or Image object
via DTML though they do not have editing privileges on the objects

*** Since Nessus solely relied on the version number of the server,
*** consider this a false positive if the hotfix has already been applied.

See also :


Solution :

Upgrade to Zope 2.2.5 or apply the hotfix referenced in the vendor
advisory above.

Risk factor :

Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 6.0

Family: Web Servers

Nessus Plugin ID: 10569 ()

Bugtraq ID: 922

CVE ID: CVE-2000-1212