Vulnerability Details CVE-2001-0128
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.5%
CVSS Severity
CVSS v2 Score 7.2
References
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000365
- http://www.debian.org/security/2000/20001219
- http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3
- http://www.osvdb.org/6284
- http://www.redhat.com/support/errata/RHSA-2000-127.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5777
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000365
- http://www.debian.org/security/2000/20001219
- http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3
- http://www.osvdb.org/6284
- http://www.redhat.com/support/errata/RHSA-2000-127.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5777
Products affected by CVE-2001-0128
-
cpe:2.3:a:redhat:linux_powertools:6.1
-
cpe:2.3:a:redhat:linux_powertools:6.2
-
cpe:2.3:a:redhat:linux_powertools:7.0
-
cpe:2.3:a:zope:zope:*
-
cpe:2.3:o:conectiva:linux:4.2
-
cpe:2.3:o:conectiva:linux:5.0
-
cpe:2.3:o:conectiva:linux:5.1
-
cpe:2.3:o:conectiva:linux:6.0
-
cpe:2.3:o:debian:debian_linux:2.2
-
cpe:2.3:o:freebsd:freebsd:6.2
-
cpe:2.3:o:mandrakesoft:mandrake_linux:7.1
-
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2
-
cpe:2.3:o:redhat:linux:6.1
-
cpe:2.3:o:redhat:linux:6.2
-
cpe:2.3:o:redhat:linux:7.0