Title: Zope ZClass Modification DOS Vulnerability
Severity: MODERATE
Description:
Zope is a dynamic HTML management package, maintained by the Zope Project. A vulnerability exists in the affected versions of Zope that may allow remote users to modify internal Zope data structures.
A remote attacker may delete add or delete attributes or methods of existing ZClasses, potentially interfering with normal site functionality and allowing a denial of service attack on the vulnerable host.
Properly exploited, this vulnerability could also potentially allow disclosure of arbitrary information to the attacker.
Affected Products:
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 powerpc
- Debian Linux 2.2.0 sparc
- MandrakeSoft Corporate Server 1.0.1
- MandrakeSoft Linux Mandrake 7.1.0
- MandrakeSoft Linux Mandrake 7.2.0
- RedHat Linux 6.1.0 alpha
- RedHat Linux 6.1.0 i386
- RedHat Linux 6.1.0 sparc
- RedHat Linux 6.2.0
- RedHat Linux 6.2.0 alpha
- RedHat Linux 6.2.0 i386
- RedHat Linux 6.2.0 sparc
- RedHat Linux 7.0.0 alpha
- RedHat Linux 7.0.0 i386
- RedHat Linux 7.0.0 sparc
- RedHat inetd-0.16-4.i386.rpm 0.0.0
- Zope Zope 2.2.0.0
- Zope Zope 2.2.1
- Zope Zope 2.2.2
- Zope Zope 2.2.3
- Zope Zope 2.2.4
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
