Lucene search
MitreCVELIST:CVE-2017-5595HistoryFeb 06, 2017 - 5:00 p.m.
CVE-2017-5595
2017-02-0617:00:00
mitre
www.cve.org
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile(), which allows an authenticated attacker to read local system files (e.g., /etc/passwd) in the context of the web server user (www-data). The attack vector is a … (dot dot) in the path parameter within a zm/index.php?view=file&path= request.
Related
ubuntucve
ubuntucve
CVE-2017-5595
2017-02-06 00:00:00
alpinelinux
alpinelinux
CVE-2017-5595
2017-02-06 17:59:00
prion
prion
Arbitrary file deletion
2017-02-06 17:59:00
osv
osv
CVE-2017-5595
2017-02-06 17:59:00
zoneminder - security update
2017-10-26 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: zoneminder-1.28.1-8.fc24
2017-02-18 18:50:20
[SECURITY] Fedora 25 Update: zoneminder-1.28.1-8.fc25
2017-02-18 18:21:48
nessus
nessus
Debian DLA-1145-1 : zoneminder security update
2017-10-27 00:00:00
Fedora 25 : zoneminder (2017-2bb174ae3c)
2017-02-21 00:00:00
Fedora 24 : zoneminder (2017-d5fb74cd2e)
2017-02-21 00:00:00
debiancve
debiancve
CVE-2017-5595
2017-02-06 17:59:00
openvas
openvas
Fedora Update for zoneminder FEDORA-2017-2bb174ae3c
2017-02-20 00:00:00
Fedora Update for zoneminder FEDORA-2017-d5fb74cd2e
2017-02-20 00:00:00
Debian: Security Advisory (DLA-1145-1)
2018-02-07 00:00:00
nvd
nvd
CVE-2017-5595
2017-02-06 17:59:00
debian
debian
[SECURITY] [DLA 1145-1] zoneminder security update
2017-10-26 16:18:22
cve
cve
CVE-2017-5595
2017-02-06 17:59:00
zdt
zdt
ZoneMinder - Multiple Vulnerabilities
2017-02-05 00:00:00
packetstorm
packetstorm
ZoneMinder XSS / CSRF / File Disclosure / Authentication Bypass
2017-02-06 00:00:00
mageia
mageia
Updated zoneminder packages fix security vulnerability
2017-06-10 02:05:58