|
|
Log in / Subscribe / Register

zoneminder: information disclosure

Package(s):zoneminder CVE #(s):CVE-2017-5595
Created:February 20, 2017 Updated:February 22, 2017
Description: From the Red Hat bugzilla entry:

File disclosure and inclusion vulnerability exists in ZoneMinder due to unfiltered user-input being passed to readfile() in views/file.php which allows an authenticated attacker to read local system files (e.g. /etc/passwd) in the context of the web server user (www-data).

Alerts:
Fedora FEDORA-2017-d5fb74cd2e zoneminder 2017-02-18
Fedora FEDORA-2017-2bb174ae3c zoneminder 2017-02-18
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds