This script is Copyright (C) 2001-2013 Alert4Web.com
The remote web server contains an application server that is prone
to a privilege escalation flaw.
The remote web server uses a version of Zope which is older than
version 2.3.3. In such versions, any user can visit a ZClass
declaration and change the ZClass permission mappings for methods and
other objects defined within the ZClass, possibly allowing for
unauthorized access within the Zope instance.
*** Nessus relied solely on the version number of the server, so if
*** the hotfix has already been applied, this might be a false positive.
See also :

Solution :
Upgrade to Zope 2.3.3 or apply the hotfix referenced in the vendor
Risk factor :
Medium / CVSS Base Score : 4.6
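
The version-only check described above can be reproduced for triage as follows. This is an added example, not the Nessus plugin's own code; the `Server` header shape, the `classify` labels, and the sample banners are assumptions constructed for illustration.

```python
import re

FIXED = (2, 3, 3)  # first release the advisory treats as not affected

# Assumption: Zope advertises itself in the Server header as "Zope X.Y[.Z]",
# optionally followed by a pre-release tag such as b1.
_ZOPE = re.compile(r"Zope (\d+)\.(\d+)(?:\.(\d+))?((?:a|b|rc)\d+)?", re.I)

def zope_version(server_header):
    """Return ((major, minor, patch), is_prerelease), or None if no Zope version is present."""
    match = _ZOPE.search(server_header or "")
    if match is None:
        return None
    major, minor, patch, tag = match.groups()
    return (int(major), int(minor), int(patch or 0)), tag is not None

def classify(server_header):
    """Version-only triage; the banner cannot show whether the hotfix is installed."""
    parsed = zope_version(server_header)
    if parsed is None:
        return "unknown"            # not Zope, or the banner is suppressed
    version, prerelease = parsed
    # Compare as integer tuples so 2.10.x is not mistaken for something older than 2.3.3.
    # Assumption: a pre-release of 2.3.3 is treated as older than the release.
    if version < FIXED or (version == FIXED and prerelease):
        return "verify-hotfix"      # candidate finding, confirm on the host
    return "not-flagged"

# Constructed sample banners, not captured from real servers.
SAMPLES = [
    "Zope/(Zope 2.3.2 (source release, python 1.5.2, linux2)) ZServer/1.1b1",
    "Zope/(Zope 2.3.3 (source release, python 1.5.2, linux2)) ZServer/1.1b1",
    "Zope/(Zope 2.10.4-final, python 2.4.4, linux2) ZServer/1.1",
    "Apache/1.3.20 (Unix)",
]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(classify(banner), "<-", banner)
```

A `verify-hotfix` result is only a candidate finding: as the note above says, a patched pre-2.3.3 instance reports the same banner as an unpatched one.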