Personal tools
You are here: Home About Security Advisories Zope reStructuredText information disclosure (CVE-2006-4684)
Navigation
Log in


Forgot your password?
New user?
 
Document Actions

Zope reStructuredText information disclosure (CVE-2006-4684)

by Wichert Akkerman last modified October 2, 2006 - 12:08

A information disclosure vulnerability has been discovered in Zope/Plone's handling of csv_table command in reStructuredText content. Any Plone sites which allows untrusted users to add/edit RestructuredText content are vulnerable to this issue and should apply the hotfix.

This vulnerability has been assigned CVE id CVE-2006-4684.


Vulnerability details

reStructuredText supports the csv_table directive. This could be used to expose filesystem content from the Zope server through the Zope and Plone webinterface.

The fix disables the csv_table.  No Plone functionality is affected by this change.

Affected versions

Affected Plone versions are:

  • Plone 2.0 up to version 2.0.5
  • Plone 2.1 up to version 2.1.3
Plone 2.5 and later running on Zope 2.9 is not affected. Installers for all later release will include a fix for this problem.

For installations that do not use the standard Plone installer please check the used Zope version:
  • Zope 2.7 up to version 2.7.8
  • Zope 2.8 up to version 2.8.8

Installing the hotfix

This bug can be fixed by installing the Zope 20060821 hotfix. The hotfix can be installed as a normal Zope product:
  • extract it in the Products directory of your Zope instance
  • restart Zope
  • verify that Hotfix_20060821 is listed in the product management page in the Zope control panel

For any issues with the web site functionality, please file a ticket.

Please consult the policy on plone.org content if you want your content published on this site.

Servers and hosting by