Vulnerabilities > CVE-2011-0720 - Remote Security Bypass vulnerability in Plone

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
plone
redhat
nessus

Summary

Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.

Nessus

  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2011-0394.NASL
    descriptionFrom Red Hat Security Advisory 2011:0394 : Updated conga packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720) Users of Conga are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, luci must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id68240
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/68240
    titleOracle Linux 5 : conga (ELSA-2011-0394)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2011:0394 and 
    # Oracle Linux Security Advisory ELSA-2011-0394 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(68240);
      script_version("1.8");
      script_cvs_date("Date: 2019/10/25 13:36:09");
    
      script_cve_id("CVE-2011-0720");
      script_xref(name:"RHSA", value:"2011:0394");
    
      script_name(english:"Oracle Linux 5 : conga (ELSA-2011-0394)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2011:0394 :
    
    Updated conga packages that fix one security issue are now available
    for Red Hat Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. A Common Vulnerability Scoring System
    (CVSS) base score, which gives a detailed severity rating, is
    available from the CVE link in the References section.
    
    The conga packages provide a web-based administration tool for remote
    cluster and storage management.
    
    A privilege escalation flaw was found in luci, the Conga web-based
    administration application. A remote attacker could possibly use this
    flaw to obtain administrative access, allowing them to read, create,
    or modify the content of the luci application. (CVE-2011-0720)
    
    Users of Conga are advised to upgrade to these updated packages, which
    contain a backported patch to resolve this issue. After installing the
    updated packages, luci must be restarted ('service luci restart') for
    the update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2011-March/002042.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected conga packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:luci");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ricci");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    flag = 0;
    if (rpm_check(release:"EL5", reference:"luci-0.12.2-24.0.1.el5_6.1")) flag++;
    if (rpm_check(release:"EL5", reference:"ricci-0.12.2-24.0.1.el5_6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "luci / ricci");
    }
    
  • NASL familyCGI abuses
    NASL idPLONE_AUTHENTICATION_BYPASS.NASL
    descriptionThe version of Plone on the remote host fails to require authentication to access several sensitive functions. Plone is built on top of Zope, which maps Python objects and their methods to URLs. Methods can have security restrictions, such as requiring a login account or a specific privilege level, applied to them to limit access. The installed version of Plone permits access to several methods that allow the adding, deleting, and changing content and users.
    last seen2020-06-01
    modified2020-06-02
    plugin id53546
    published2011-04-25
    reporterThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/53546
    titlePlone Security Bypass
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(53546);
      script_version("1.7");
      script_cvs_date("Date: 2018/11/15 20:50:18");
    
      script_cve_id("CVE-2011-0720");
      script_bugtraq_id(46102);
      script_xref(name:"Secunia", value:"43146");
    
      script_name(english:"Plone Security Bypass");
      script_summary(english:"Tries to access privileged object methods");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote web server has an application that that is affected by a
    security bypass vulnerability."
      );
      script_set_attribute(
        attribute:"description",
        value:
    "The version of Plone on the remote host fails to require
    authentication to access several sensitive functions.
    
    Plone is built on top of Zope, which maps Python objects and their
    methods to URLs.  Methods can have security restrictions, such as
    requiring a login account or a specific privilege level, applied to
    them to limit access.  The installed version of Plone permits access
    to several methods that allow the adding, deleting, and changing
    content and users."
      );
      script_set_attribute(attribute:"see_also", value:"http://plone.org/products/plone/security/advisories/cve-2011-0720");
      script_set_attribute(
        attribute:"see_also",
        value:"https://seclists.org/fulldisclosure/2011/Apr/293"
      );
      script_set_attribute(attribute:"solution", value:"Apply Plone Hotfix CVE-2011-0720.");
     script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
     script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
     script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
     script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/02/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/25");
    
      script_set_attribute(attribute:"cpe", value:"cpe:/a:plone:plone");
      script_set_attribute(attribute:"plugin_type", value:"remote");
    
      script_set_attribute(attribute:"exploited_by_nessus", value:"true");
      script_end_attributes();
    
      script_category(ACT_ATTACK);
      script_family(english:"CGI abuses");
    
      script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
    
      script_dependencies("plone_detect.nasl");
      script_exclude_keys("Settings/disable_cgi_scanning");
      script_require_keys("www/plone");
      script_require_ports("Services/www", 80);
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("http.inc");
    include("misc_func.inc");
    include("webapp_func.inc");
    
    # Get details of Plone install.
    port = get_http_port(default:80);
    install = get_install_from_kb(appname:"plone", port:port, exit_on_fail:TRUE);
    dir = install["dir"];
    
    # Try to access a method that should be restricted to privileged, authenticated,
    # users.
    object = "acl_users";
    method = "getUsers";
    url = dir + "/" + object + "/" + method;
    res = http_send_recv3(
      method       : "GET",
      item         : url,
      port         : port,
      exit_on_fail : TRUE
    );
    
    # If it's not a Python list, then we can assume it didn't work.
    if (!ereg(string:res[2], pattern:"^\[.*\]$"))
      exit(0, "The Plone installation at " + build_url(port:port, qs:dir) + " is not affected.");
    
    if (report_verbosity > 0)
    {
      report =
        '\nNessus was able to exploit the issue using the following request :' +
        '\n' +
        '\n  ' + build_url(port:port, qs:url) +
        '\n';
    
      if (report_verbosity > 1)
        report +=
          '\nIt produced the following response :' +
          '\n' +
          '\n  ' + res[2];
    
      security_hole(port:port, extra:report + '\n');
    }
    else security_hole(port);
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110329_CONGA_ON_SL5_X.NASL
    descriptionA privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720)
    last seen2020-06-01
    modified2020-06-02
    plugin id60997
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60997
    titleScientific Linux Security Update : conga on SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60997);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/25 13:36:19");
    
      script_cve_id("CVE-2011-0720");
    
      script_name(english:"Scientific Linux Security Update : conga on SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A privilege escalation flaw was found in luci, the Conga web-based
    administration application. A remote attacker could possibly use this
    flaw to obtain administrative access, allowing them to read, create,
    or modify the content of the luci application. (CVE-2011-0720)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=11153
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8807e48c"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected luci and / or ricci packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"luci-0.12.2-24.el5_6.1")) flag++;
    if (rpm_check(release:"SL5", reference:"ricci-0.12.2-24.el5_6.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2011-0394.NASL
    descriptionUpdated conga packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720) Users of Conga are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, luci must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id53504
    published2011-04-21
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/53504
    titleCentOS 5 : conga (CESA-2011:0394)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2011:0394 and 
    # CentOS Errata and Security Advisory 2011:0394 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(53504);
      script_version("1.10");
      script_cvs_date("Date: 2019/10/25 13:36:05");
    
      script_cve_id("CVE-2011-0720");
      script_xref(name:"RHSA", value:"2011:0394");
    
      script_name(english:"CentOS 5 : conga (CESA-2011:0394)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated conga packages that fix one security issue are now available
    for Red Hat Enterprise Linux 5.
    
    The Red Hat Security Response Team has rated this update as having
    important security impact. A Common Vulnerability Scoring System
    (CVSS) base score, which gives a detailed severity rating, is
    available from the CVE link in the References section.
    
    The conga packages provide a web-based administration tool for remote
    cluster and storage management.
    
    A privilege escalation flaw was found in luci, the Conga web-based
    administration application. A remote attacker could possibly use this
    flaw to obtain administrative access, allowing them to read, create,
    or modify the content of the luci application. (CVE-2011-0720)
    
    Users of Conga are advised to upgrade to these updated packages, which
    contain a backported patch to resolve this issue. After installing the
    updated packages, luci must be restarted ('service luci restart') for
    the update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2011-April/017419.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?09f1b03d"
      );
      # https://lists.centos.org/pipermail/centos-announce/2011-April/017421.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?149881a1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected conga packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:luci");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:ricci");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/04/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/04/21");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"luci-0.12.2-24.el5.centos.1")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"ricci-0.12.2-24.el5.centos.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "luci / ricci");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2011-0394.NASL
    descriptionUpdated conga packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720) Users of Conga are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, luci must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id63975
    published2013-01-24
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/63975
    titleRHEL 5 : conga (RHSA-2011:0394)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_7C492EA2356611E08E810022190034C0.NASL
    descriptionPlone developer reports : This is an escalation of privileges attack that can be used by anonymous users to gain access to a Plone site
    last seen2020-06-01
    modified2020-06-02
    plugin id56079
    published2011-09-06
    reporterThis script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/56079
    titleFreeBSD : plone -- Remote Security Bypass (7c492ea2-3566-11e0-8e81-0022190034c0)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20110328_CONGA_ON_SL4_X.NASL
    descriptionThe conga packages provide a web-based administration tool for remote cluster and storage management. A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720) Users of Conga are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, luci must be restarted (
    last seen2020-06-01
    modified2020-06-02
    plugin id60996
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60996
    titleScientific Linux Security Update : conga on SL4.x i386/x86_64

Redhat

advisories
  • bugzilla
    id676961
    titleCVE-2011-0720 plone: unauthorized remote administrative access
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentluci is earlier than 0:0.12.2-24.el5_6.1
            ovaloval:com.redhat.rhsa:tst:20110394001
          • commentluci is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20070331002
        • AND
          • commentricci is earlier than 0:0.12.2-24.el5_6.1
            ovaloval:com.redhat.rhsa:tst:20110394003
          • commentricci is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhba:tst:20070331004
    rhsa
    idRHSA-2011:0394
    released2011-03-28
    severityImportant
    titleRHSA-2011:0394: conga security update (Important)
  • rhsa
    idRHSA-2011:0393
rpms
  • conga-debuginfo-0:0.11.2-4.el4.2
  • luci-0:0.11.2-4.el4.2
  • ricci-0:0.11.2-4.el4.2
  • conga-debuginfo-0:0.12.2-24.el5_6.1
  • luci-0:0.12.2-24.el5_6.1
  • ricci-0:0.12.2-24.el5_6.1