Debian Linux Security Advisory 2234-1 - Several remote vulnerabilities have been discovered in python-zodb, a set of tools for using ZODB, that could lead to arbitrary code execution in the worst case.
e1c674480269535565c59f8ea537f28890fa119606378e5ba8ba65832a690d5eUbuntu Security Notice 848-1 - It was discovered that the Zope Object Database (ZODB) database server (ZEO) improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. It was discovered that the Zope Object Database (ZODB) database server (ZEO) did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions. It was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of service.
d0add9cad39c4f99da2ff36804eb791b22674b0688b5457ef291a078ea032baaDebian Security Advisory 1863-1 - Several remote vulnerabilities have been discovered in the zope, a feature-rich web application server written in python, that could lead to arbitrary code execution in the worst case.
9b50510b177e062943b28811c9b6700a49751d2e9d25c506bfa91c5bd4ee2182
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed