Test Kennung:	1.3.6.1.4.1.25623.1.0.891145
Kategorie:	Debian Local Security Checks
Titel:	Debian LTS: Security Advisory for zoneminder (DLA-1145-1)
Zusammenfassung:	Multiple vulnerabilities have been found in zoneminder. This update;fixes only a serious file disclosure vulnerability (CVE-2017-5595).
Beschreibung:	Summary: Multiple vulnerabilities have been found in zoneminder. This update fixes only a serious file disclosure vulnerability (CVE-2017-5595). Affected Software/OS: zoneminder on Debian Linux Solution: The application has been found to suffer from many other problems such as SQL injection vulnerabilities, cross-site scripting issues, cross-site request forgery, session fixation vulnerability. Due to the amount of issues and to the relative invasiveness of the relevant patches, those issues will not be fixed in Wheezy. We thus advise you to restrict access to zoneminder to trusted users only. If you want to review the list of ignored issues, you can check the referenced security tracker. We recommend that you upgrade your zoneminder packages. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5595 BugTraq ID: 96125 http://www.securityfocus.com/bid/96125 http://seclists.org/bugtraq/2017/Feb/6 http://seclists.org/fulldisclosure/2017/Feb/11 https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
Copyright	Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.