Mandrake Linux Security Advisory : Zope (MDKSA-2001:049)

Medium Nessus Plugin ID 61913


The remote Mandrake Linux host is missing one or more security updates.


Another problem was discovered in Zope that fixes a problem with ZClasses. Any user can visit a ZClass declaration and change the ZClass permission mappings for methods and other objects defined within the ZClass, possibly allowing for unauthorized access within the Zope instance. The Zope Hotfix 2001-05-01 corrects this problem.


Update the affected packages.

See Also

Plugin Details

Severity: Medium

ID: 61913

File Name: mandrake_MDKSA-2001-049.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2012/09/06

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:Zope, p-cpe:/a:mandriva:linux:Zope-components, p-cpe:/a:mandriva:linux:Zope-core, p-cpe:/a:mandriva:linux:Zope-pcgi, p-cpe:/a:mandriva:linux:Zope-services, p-cpe:/a:mandriva:linux:Zope-zpublisher, p-cpe:/a:mandriva:linux:Zope-zserver, p-cpe:/a:mandriva:linux:Zope-ztemplates, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2001/05/10

Reference Information

CVE: CVE-2001-0567, CVE-2001-0568

MDKSA: 2001:049