CVE-2002-0687

Name of the Vulnerable Software and Affected Versions Zope versions 2.0 through 2.5.1 b1

Description The issue allows untrusted users to shut down the Zope server via certain headers, specifically when using the "through the web code" capability. This is caused by a vulnerability that can be exploited by a remote attacker injecting malicious headers into a response, resulting in a denial of service attack that can cause the vulnerable system to crash.

Recommendations For Zope versions 2.0 through 2.5.1 b1, consider disabling the "through the web code" capability as a temporary workaround until a patch is available. Restrict access to the Zope server to minimize the risk of exploitation. Avoid using the vulnerable capability in production environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.