Intrusion Prevention

Plone.Zope.Remote.Command.Execution

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in Zope.
The vulnerability is caused by an error when the software handles a maliciously crafted post request. It allows a remote attacker to execute arbitrary command within the context of the application.

Affected Products

Zope 2.12.x prior to version 2.12.20
Zope 2.13.x prior to version 2.13.10

Impact

System Compromise: Remote attackers can gain control of vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587

CVE References

CVE-2011-3587