Описание
Zope does not properly verify the access for objects with proxy roles
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2002-0170
- https://launchpad.net/zope2/+milestone/2.4.4
- https://launchpad.net/zope2/+milestone/2.5.1
- https://web.archive.org/web/20021120034302/http://online.securityfocus.com/bid/4229
- https://web.archive.org/web/20070914020022/http://xforce.iss.net/xforce/xfdb/8334
- http://marc.info/?l=bugtraq&m=101503023511996&w=2
- http://www.redhat.com/support/errata/RHSA-2002-060.html
Пакеты
Наименование
zope
pip
Затронутые версииВерсия исправления
>= 2.2.0, < 2.4.4
2.4.4
Наименование
zope
pip
Затронутые версииВерсия исправления
>= 2.5.0, < 2.5.1
2.5.1
Связанные уязвимости
redhat
больше 23 лет назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
nvd
больше 23 лет назад
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.