Zope Image and File Update Data Protection Bypass
Medium Nessus Plugin ID 10569
SynopsisThe remote web server contains an application server that fails to protect stored content from modification by remote users.
DescriptionAccording to its banner, the remote web server is Zope < 2.2.5. Such versions suffer from a security issue involving incorrect protection of a data updating method on Image and File objects. Because the method is not correctly protected, it is possible for users with DTML editing privileges to update the raw data of a File or Image object via DTML though they do not have editing privileges on the objects themselves.
*** Since Nessus solely relied on the version number of the server,
*** consider this a false positive if the hotfix has already been applied.
SolutionUpgrade to Zope 2.2.5 or apply the hotfix referenced in the vendor advisory above.