7 matches found
Debian: Security Advisory (DLA-1145-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1145-1] zoneminder security update
Package : zoneminder Version : 1.25.0-4+deb7u2 CVE ID : CVE-2017-5595 Multiple vulnerabilities have been found in zoneminder. This update fixes only a serious file disclosure vulnerability CVE-2017-5595. The application has been found to suffer from many other problems such as SQL injection...
Fedora 24 : zoneminder (2017-d5fb74cd2e)
Security fix for CVE-2017-5595 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
CVE-2017-5595
A file disclosure and inclusion vulnerability exists in web/views/file.php in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being passed to readfile, which allows an authenticated attacker to read local system files e.g., /etc/passwd in the context of the web server user www-dat...
CVE-2017-5595
CVE-2017-5595 affects ZoneMinder 1.x up to v1.30.0, enabling an authenticated attacker to read local files (e.g., /etc/passwd) via web/views/file.php due to unfiltered input passed to readfile(); the attack uses a .. in the path parameter zm/index.php?view=file&path=. Connected advisories confirm...
ZoneMinder XSS / CSRF / File Disclosure / Authentication Bypass
========================================================================== Product: ZoneMinder Versions: Multiple versions - see inline Vulnerabilities: File disclosure, XSS, CSRF, Auth bypass & Info disclosure CVE-IDs: CVE-2017-5595, CVE-2017-5367, CVE-2017-5368, CVE-2016-10140 Author: John...
ZoneMinder - Multiple Vulnerabilities
Exploit for php platform in category web applications ========================================================================== Product: ZoneMinder Versions: Multiple versions - see inline Vulnerabilities: File disclosure, XSS, CSRF, Auth bypass & Info disclosure CVE-IDs: CVE-2017-5595,...