Title: Zope DTML Format Method Checking Vulnerability
Severity: MODERATE
Description:
Zope is a dynamic HTML management package, maintained by the Zope Project.
A problem exists in Zope that may allow a malicious user to gain unauthorized access to resources on the host. DTML uses 'dtml-var' tags to control how text is inserted and formatted on pages. 'fmt' is an attribute in 'dtml-var' tags which is used to specify the data format of text. It can be used, for example, to output text in C-style format. The problem is that Zope does not run the cursory security access checks on any DTMLMethods invoked using the 'fmt' attribute in 'dtml-var' tags.
The end result is that it is possible for a user to call DTMLMethods they
would not ordinarily have access to.
Affected Products:
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 powerpc
- Debian Linux 2.2.0 sparc
- MandrakeSoft Corporate Server 1.0.1
- MandrakeSoft Linux Mandrake 7.1.0
- MandrakeSoft Linux Mandrake 7.2.0
- RedHat Linux 6.1.0 alpha
- RedHat Linux 6.1.0 i386
- RedHat Linux 6.1.0 sparc
- RedHat Linux 6.2.0 alpha
- RedHat Linux 6.2.0 i386
- RedHat Linux 6.2.0 sparc
- RedHat Linux 7.0.0 alpha
- RedHat Linux 7.0.0 i386
- RedHat Linux 7.0.0 sparc
- Zope Zope 2.2.0 .0
- Zope Zope 2.2.1
- Zope Zope 2.2.2
- Zope Zope 2.2.3
- Zope Zope 2.2.4
- Zope Zope 2.2.5
References:
- Zope: Welcome to Zope.org
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
