ID de Prueba:	1.3.6.1.4.1.25623.1.0.891145
Categoría:	Debian Local Security Checks
Título:	Debian LTS: Security Advisory for zoneminder (DLA-1145-1)
Resumen:	Multiple vulnerabilities have been found in zoneminder. This update;fixes only a serious file disclosure vulnerability (CVE-2017-5595).
Descripción:	Summary: Multiple vulnerabilities have been found in zoneminder. This update fixes only a serious file disclosure vulnerability (CVE-2017-5595). Affected Software/OS: zoneminder on Debian Linux Solution: The application has been found to suffer from many other problems such as SQL injection vulnerabilities, cross-site scripting issues, cross-site request forgery, session fixation vulnerability. Due to the amount of issues and to the relative invasiveness of the relevant patches, those issues will not be fixed in Wheezy. We thus advise you to restrict access to zoneminder to trusted users only. If you want to review the list of ignored issues, you can check the referenced security tracker. We recommend that you upgrade your zoneminder packages. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5595 BugTraq ID: 96125 http://www.securityfocus.com/bid/96125 http://seclists.org/bugtraq/2017/Feb/6 http://seclists.org/fulldisclosure/2017/Feb/11 https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
Copyright	Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.