Lucene search
GoogleOSV:DSA-910-1HistoryNov 24, 2005 - 12:00 a.m.
zope2.7 - design error
2005-11-2400:00:00
Google
osv.dev
9
EPSS
0.023
Percentile
89.7%
A vulnerability has been discovered in zope 2.7, an Open Source web
application server, that allows remote attackers to insert arbitrary
files via include directives in reStructuredText functionality.
The old stable distribution (woody) does not contain zope2.7 packages.
For the stable distribution (sarge) this problem has been fixed in
version 2.7.5-2sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.7.8-1.
We recommend that you upgrade your zope2.7 package.
References
Related
openvas
openvas
Debian Security Advisory DSA 910-1 (zope2.7)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-910-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-229-1)
2022-08-26 00:00:00
cvelist
cvelist
CVE-2005-3323
2005-10-27 04:00:00
nessus
nessus
FreeBSD : zope -- expose RestructuredText functionality to untrusted users (d2b80c7c-3aae-11da-9484-00123ffe8333)
2006-05-13 00:00:00
GLSA-200510-20 : Zope: File inclusion through RestructuredText
2005-10-28 00:00:00
Debian DSA-910-1 : zope.2.7 - design error
2006-10-14 00:00:00
nvd
nvd
CVE-2005-3323
2005-10-27 10:02:00
cve
cve
CVE-2005-3323
2005-10-27 10:02:00
freebsd
freebsd
zope -- expose RestructuredText functionality to untrusted users
2005-10-09 00:00:00
ubuntucve
ubuntucve
CVE-2005-3323
2005-10-27 00:00:00
debian
debian
[SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion
2005-11-24 06:07:15
[SECURITY] [DSA 910-1] New zope2.7 packages fix arbitrary file inclusion
2005-11-24 06:07:15
ubuntu
ubuntu
Zope vulnerability
2005-12-14 00:00:00
gentoo
gentoo
Zope: File inclusion through RestructuredText
2005-10-25 00:00:00