VID |
21888 |
Severity |
30 |
Port |
8080, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
Plone is vulnerable to an access control bypass in several MembershipTool methods. Plone is an open-source content management system written in Python on top of the Zope application server. Plone versions 2.0.4, 2.0.5, 2.1.2 and 2.5-beta1 do not restrict access to the changeMemberPortrait, deletePersonalPortrait and testCurrentPassword methods of the membership tool, so they can be invoked by unauthenticated users. A remote, anonymous attacker could exploit this to modify or delete the portrait images of members.
* References:
  http://dev.plone.org/plone/ticket/5432
  http://www.debian.org/security/2006/dsa-1032
  http://secunia.com/advisories/19633/
* Platforms Affected: Plone versions 2.0.4, 2.0.5, 2.1.2 and 2.5-beta1; any operating system, any version |
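The following is an added reachability check, not code from this entry, from Plone or from the referenced ticket. It sends an anonymous GET with no parameters to each of the three method names this entry lists and classifies the response. Zope validates the security declaration on a method while traversing the URL, before it maps request parameters onto the method, so a 401 or a redirect to a login form means Anonymous was denied, while any other outcome (including a missing-argument error) means the security check let Anonymous through. Assumed, and not taken from the page: the site URL, that the tool is published under its default id portal_membership, and that the deployment answers an Unauthorized error with either HTTP 401 or a redirect whose Location contains "login" (the CookieCrumbler login_form redirect).

```python
"""Anonymous reachability check for the MembershipTool methods named in this
entry. Added example; not part of the original page or of Plone itself."""
import urllib.error
import urllib.request

# The three methods this entry says were left without a security declaration.
AFFECTED_METHODS = ("changeMemberPortrait", "deletePersonalPortrait", "testCurrentPassword")

# Assumption: the site lives at this URL and the tool id is the default
# 'portal_membership'. Both are example values, not from the page.
DEFAULT_SITE = "http://127.0.0.1:8080/Plone"
TOOL_ID = "portal_membership"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx responses instead of following them: a redirect to the
    login form is exactly the signal we want to see, not the page behind it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # makes urllib raise HTTPError carrying the 3xx status


_opener = urllib.request.build_opener(_NoRedirect)


def default_fetch(url):
    """Anonymous GET without parameters; returns (status, headers) and does
    not raise on HTTP error statuses, because those are the results we read."""
    req = urllib.request.Request(url, headers={"User-Agent": "plone-membershiptool-check"})
    try:
        with _opener.open(req, timeout=10) as resp:
            return resp.status, dict(resp.headers)
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers)


def classify(status, headers):
    """Map one response to 'protected', 'absent' or 'reachable'.

    Security validation happens during traversal, before argument mapping, so
    a 500 from a missing argument still means the check passed for Anonymous.
    """
    if status == 401:
        return "protected"
    location = (headers or {}).get("Location", "")
    if status in (301, 302, 303, 307) and "login" in location.lower():
        return "protected"
    if status == 404:
        return "absent"  # tool or method not published at this path
    return "reachable"


def check_site(site=DEFAULT_SITE, methods=AFFECTED_METHODS, fetch=default_fetch):
    """Probe each method under <site>/portal_membership/ and return
    {method: classification}. `fetch` is injectable so the logic can be
    exercised offline with constructed responses."""
    base = site.rstrip("/")
    results = {}
    for method in methods:
        status, headers = fetch(f"{base}/{TOOL_ID}/{method}")
        results[method] = classify(status, headers)
    return results


def is_vulnerable(results):
    """True if any affected method answered Anonymous without a security denial."""
    return any(outcome == "reachable" for outcome in results.values())


if __name__ == "__main__":
    import sys

    site = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_SITE
    outcome = check_site(site)
    for method, verdict in outcome.items():
        print(f"{method}: {verdict}")
    print("VULNERABLE" if is_vulnerable(outcome) else "not reachable anonymously")
```

The probe deliberately passes no parameters, so the portrait methods are given nothing to act on; even so, run it against a test instance rather than production, and treat "absent" (404) as "path assumption wrong", not as "fixed". After applying the hotfix or upgrading, all three methods should classify as "protected".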
Recommendation |
Apply the Plone hotfix for this vulnerability (2006-04-10, version 1.0 or later), as listed in Plone ticket #5432 at http://dev.plone.org/plone/ticket/5432
-- OR --
Upgrade to a fixed version of Plone (2.0.6, 2.1.3 or 2.5-beta2, or later) when it becomes available from the Plone download site at http://plone.org/products/plone |
Related URL |
CVE-2006-1711 (CVE) |
Related URL |
17484 (SecurityFocus) |
Related URL |
25781 (ISS) |