Описание
Zope does not properly verify the access for objects with proxy roles
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0170
- https://launchpad.net/zope2/+milestone/2.4.4
- https://launchpad.net/zope2/+milestone/2.5.1
- https://web.archive.org/web/20021120034302/http://online.securityfocus.com/bid/4229
- https://web.archive.org/web/20070914020022/http://xforce.iss.net/xforce/xfdb/8334
- http://marc.info/?l=bugtraq&m=101503023511996&w=2
- http://www.redhat.com/support/errata/RHSA-2002-060.html
Пакеты
Наименование
zope
pip
Затронутые версииВерсия исправления
>= 2.2.0, < 2.4.4
2.4.4
Наименование
zope
pip
Затронутые версииВерсия исправления
>= 2.5.0, < 2.5.1
2.5.1
Связанные уязвимости
redhat
почти 24 года назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
nvd
почти 24 года назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.