Vulnerabilities > CVE-2006-1711 - Unspecified vulnerability in Plone 2.0.5/2.1.2/2.5Beta1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Plone 2.x MembershipTool Access Control Bypass Vulnerability. CVE-2006-1711. Remote exploit for linux platform |
| id | EDB-ID:27630 |
| last seen | 2016-02-03 |
| modified | 2006-04-12 |
| published | 2006-04-12 |
| reporter | MJ0011 |
| source | https://www.exploit-db.com/download/27630/ |
| title | Plone 2.x MembershipTool Access Control Bypass Vulnerability |
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_22C6B826CEE011DA857800123FFE8333.NASL description Secunia reports : The vulnerability is caused due to missing security declarations in last seen 2020-06-01 modified 2020-06-02 plugin id 21398 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21398 title FreeBSD : plone -- 'member_id' Parameter Portrait Manipulation Vulnerability (22c6b826-cee0-11da-8578-00123ffe8333) NASL family CGI abuses NASL id PLONE_MEMBERSHIPTOOL_ACCESS_CONTROL_BYPASS.NASL description The remote host is running Plone, an open source content manage system written in Python. The version of Plone installed on the remote host does not limit access to the last seen 2020-06-01 modified 2020-06-02 plugin id 21219 published 2006-04-14 reporter This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21219 title Plone Unprotected MembershipTool Methods Arbitrary Portrait Manipulation NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1032.NASL description It was discovered that the Plone content management system lacks security declarations for three internal classes. This allows manipulation of user portraits by unprivileged users. last seen 2020-06-01 modified 2020-06-02 plugin id 22574 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22574 title Debian DSA-1032-1 : zope-cmfplone - programming error NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_B6C189565FA311DBAD2D0016179B2DD5.NASL description The Plone Team reports : Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the : - changeMemberPortrait - deletePersonalPortrait - testCurrentPassword methods, which allows remote attackers to modify portraits. last seen 2020-06-01 modified 2020-06-02 plugin id 22889 published 2006-10-20 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/22889 title FreeBSD : plone -- unprotected MembershipTool methods (b6c18956-5fa3-11db-ad2d-0016179b2dd5)
References
- http://dev.plone.org/plone/ticket/5432
- http://secunia.com/advisories/19633
- http://secunia.com/advisories/19640
- http://www.debian.org/security/2006/dsa-1032
- http://www.securityfocus.com/bid/17484
- http://www.vupen.com/english/advisories/2006/1340
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25781
- https://svn.plone.org/svn/plone/PloneHotfix20060410/trunk/README.txt