This script is Copyright (C) 2001-2013 Alert4Web.com
The remote web server contains an application server that is prone
to a privilege escalation flaw.
The remote web server uses a version of Zope which is older than
version 2.3.3. In such versions, any user can visit a ZClass
declaration and change the ZClass permission mappings for methods and
other objects defined within the ZClass, possibly allowing for
unauthorized access within the Zope instance.
*** Nessus solely relied on the version number of the server, so if
*** the hotfix has already been applied, this might be a false positive
See also :
Upgrade to Zope 2.3.3 or apply the hotfix referenced in the vendor
Risk factor :
Medium / CVSS Base Score : 4.6
Family: Web Servers
Nessus Plugin ID: 10777 ()
CVE ID: CVE-2001-0567
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.