ID CVE-2011-3587
Summary Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
References
Vulnerable Configurations
  • cpe:2.3:a:zope:zope:2.12.0:a2
    cpe:2.3:a:zope:zope:2.12.0:a2
  • cpe:2.3:a:zope:zope:2.12.0:b2
    cpe:2.3:a:zope:zope:2.12.0:b2
  • cpe:2.3:a:zope:zope:2.12.3
    cpe:2.3:a:zope:zope:2.12.3
  • cpe:2.3:a:zope:zope:2.12.4
    cpe:2.3:a:zope:zope:2.12.4
  • cpe:2.3:a:zope:zope:2.12.8
    cpe:2.3:a:zope:zope:2.12.8
  • cpe:2.3:a:zope:zope:2.12.11
    cpe:2.3:a:zope:zope:2.12.11
  • cpe:2.3:a:zope:zope:2.12.9
    cpe:2.3:a:zope:zope:2.12.9
  • cpe:2.3:a:zope:zope:2.12.13
    cpe:2.3:a:zope:zope:2.12.13
  • cpe:2.3:a:zope:zope:2.12.12
    cpe:2.3:a:zope:zope:2.12.12
  • cpe:2.3:a:zope:zope:2.12.14
    cpe:2.3:a:zope:zope:2.12.14
  • cpe:2.3:a:zope:zope:2.12.10
    cpe:2.3:a:zope:zope:2.12.10
  • cpe:2.3:a:zope:zope:2.12.1
    cpe:2.3:a:zope:zope:2.12.1
  • cpe:2.3:a:zope:zope:2.12.0:a3
    cpe:2.3:a:zope:zope:2.12.0:a3
  • cpe:2.3:a:zope:zope:2.12.0:a4
    cpe:2.3:a:zope:zope:2.12.0:a4
  • cpe:2.3:a:zope:zope:2.12.2
    cpe:2.3:a:zope:zope:2.12.2
  • cpe:2.3:a:zope:zope:2.12.0:b3
    cpe:2.3:a:zope:zope:2.12.0:b3
  • cpe:2.3:a:zope:zope:2.12.0:b1
    cpe:2.3:a:zope:zope:2.12.0:b1
  • cpe:2.3:a:zope:zope:2.12.0
    cpe:2.3:a:zope:zope:2.12.0
  • cpe:2.3:a:zope:zope:2.12.0:b4
    cpe:2.3:a:zope:zope:2.12.0:b4
  • cpe:2.3:a:zope:zope:2.12.0:a1
    cpe:2.3:a:zope:zope:2.12.0:a1
  • cpe:2.3:a:zope:zope:2.12.5
    cpe:2.3:a:zope:zope:2.12.5
  • cpe:2.3:a:zope:zope:2.12.7
    cpe:2.3:a:zope:zope:2.12.7
  • cpe:2.3:a:zope:zope:2.12.17
    cpe:2.3:a:zope:zope:2.12.17
  • cpe:2.3:a:zope:zope:2.12.15
    cpe:2.3:a:zope:zope:2.12.15
  • cpe:2.3:a:zope:zope:2.12.18
    cpe:2.3:a:zope:zope:2.12.18
  • cpe:2.3:a:zope:zope:2.12.6
    cpe:2.3:a:zope:zope:2.12.6
  • cpe:2.3:a:zope:zope:2.12.16
    cpe:2.3:a:zope:zope:2.12.16
  • cpe:2.3:a:zope:zope:2.13.7
    cpe:2.3:a:zope:zope:2.13.7
  • cpe:2.3:a:zope:zope:2.13.6
    cpe:2.3:a:zope:zope:2.13.6
  • cpe:2.3:a:zope:zope:2.13.5
    cpe:2.3:a:zope:zope:2.13.5
  • cpe:2.3:a:zope:zope:2.13.0
    cpe:2.3:a:zope:zope:2.13.0
  • cpe:2.3:a:zope:zope:2.13.0:b1
    cpe:2.3:a:zope:zope:2.13.0:b1
  • cpe:2.3:a:zope:zope:2.13.1
    cpe:2.3:a:zope:zope:2.13.1
  • cpe:2.3:a:zope:zope:2.13.2
    cpe:2.3:a:zope:zope:2.13.2
  • cpe:2.3:a:zope:zope:2.13.0:c1
    cpe:2.3:a:zope:zope:2.13.0:c1
  • cpe:2.3:a:zope:zope:2.13.4
    cpe:2.3:a:zope:zope:2.13.4
  • cpe:2.3:a:zope:zope:2.13.3
    cpe:2.3:a:zope:zope:2.13.3
  • cpe:2.3:a:zope:zope:2.13.0:a2
    cpe:2.3:a:zope:zope:2.13.0:a2
  • cpe:2.3:a:zope:zope:2.13.0:a3
    cpe:2.3:a:zope:zope:2.13.0:a3
  • cpe:2.3:a:zope:zope:2.13.0:a4
    cpe:2.3:a:zope:zope:2.13.0:a4
  • cpe:2.3:a:zope:zope:2.13.0:a1
    cpe:2.3:a:zope:zope:2.13.0:a1
  • cpe:2.3:a:zope:zope:2.12.19
    cpe:2.3:a:zope:zope:2.12.19
  • cpe:2.3:a:zope:zope:2.12.20
    cpe:2.3:a:zope:zope:2.12.20
  • cpe:2.3:a:zope:zope:2.13.8
    cpe:2.3:a:zope:zope:2.13.8
  • cpe:2.3:a:zope:zope:2.13.9
    cpe:2.3:a:zope:zope:2.13.9
  • cpe:2.3:a:zope:zope:2.13.10
    cpe:2.3:a:zope:zope:2.13.10
  • Plone 4.0.7
    cpe:2.3:a:plone:plone:4.0.7
  • Plone 4.0.8
    cpe:2.3:a:plone:plone:4.0.8
  • Plone 4.0.1
    cpe:2.3:a:plone:plone:4.0.1
  • Plone 4.0.3
    cpe:2.3:a:plone:plone:4.0.3
  • Plone 4.0.2
    cpe:2.3:a:plone:plone:4.0.2
  • Plone 4.0.5
    cpe:2.3:a:plone:plone:4.0.5
  • Plone 4.0.4
    cpe:2.3:a:plone:plone:4.0.4
  • Plone 4.0.6.1
    cpe:2.3:a:plone:plone:4.0.6.1
  • Plone 4.0
    cpe:2.3:a:plone:plone:4.0
  • Plone 4.0.9
    cpe:2.3:a:plone:plone:4.0.9
  • Plone 4.1
    cpe:2.3:a:plone:plone:4.1
  • Plone 4.2
    cpe:2.3:a:plone:plone:4.2
  • cpe:2.3:a:plone:plone:4.2a2
    cpe:2.3:a:plone:plone:4.2a2
  • cpe:2.3:a:plone:plone:4.2a1
    cpe:2.3:a:plone:plone:4.2a1
CVSS
Base: 9.3 (as of 10-10-2011 - 15:20)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
d2sec via4
name Plone RCE
url http://www.d2sec.com/exploits/plone_rce.html
exploit-db via4
description Plone and Zope Remote Command Execution PoC. CVE-2011-3587. Webapps exploits for multiple platform
id EDB-ID:18262
last seen 2016-02-02
modified 2011-12-21
published 2011-12-21
reporter Nick Miles
source https://www.exploit-db.com/download/18262/
title Plone and Zope Remote Command Execution PoC
metasploit via4
description Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
id MSF:EXPLOIT/MULTI/HTTP/PLONE_POPEN2
last seen 2019-01-30
modified 2017-07-24
published 2011-12-27
reliability Excellent
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/plone_popen2.rb
title Plone and Zope XMLTools Remote Command Execution
nessus via4
NASL family CGI abuses
NASL id PLONE_20110928.NASL
description The version of Plone hosted on the remote web server has a flaw that allows arbitrary access to Python modules. Using a specially crafted URL, this can allow an unauthenticated, remote attacker the ability to run arbitrary commands on the system through the Python 'os' module in the context of the 'Zope/Plone' service.
last seen 2019-02-21
modified 2018-11-15
plugin id 57350
published 2011-12-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=57350
title Plone Request Parsing Remote Command Execution
packetstorm via4
refmap via4
confirm
secunia
  • 46221
  • 46323
saint via4
bid 49857
description Plone Zope SAXutils Command Execution
osvdb 76105
title plone_zope_saxutils_cmd_exec
type remote
Last major update 20-10-2011 - 22:56
Published 10-10-2011 - 06:55
Back to Top