← volver
CVE-2006-3458

CVE-2006-3458

EPSS 0.4%
Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://mail.zope.org/pipermail/zope-announce/2006-July/001984.htmlhttp://secunia.com/advisories/20988http://secunia.com/advisories/21025http://secunia.com/advisories/21130http://secunia.com/advisories/21459https://exchange.xforce.ibmcloud.com/vulnerabilities/27636https://usn.ubuntu.com/317-1/http://www.debian.org/security/2006/dsa-1113http://www.novell.com/linux/security/advisories/2006_19_sr.htmlhttp://www.securityfocus.com/bid/18856http://www.vupen.com/english/advisories/2006/2681http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/README.txt