ZoneMinder Local File Inclusion Vulnerability


Description   A local file inclusion vulnerability has been identified in ZoneMinder. An authenticated remote attacker could exploit it to read arbitrary files with the rights of the web server (www-data) via a specially crafted HTTP request.

This vulnerability stems from a lack of validation of user-supplied input passed to the "readfile()" function in the "views/file.php" source file.

A proof of concept is available.

The zoneminder packages provided by Debian Wheezy 7 are vulnerable.
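
The unvalidated "readfile()" pattern described above, shown beside a version that confines the read to one directory. This is an added example, not ZoneMinder's code or its actual fix; the "path" request parameter and the BASE_DIR directory are assumptions made for illustration.

```php
<?php
// Added example, not ZoneMinder code. BASE_DIR and the "path" request
// parameter are hypothetical names chosen for illustration.
const BASE_DIR = '/var/lib/example/files'; // assumed directory of servable files

// Unsafe pattern from the description: the request value reaches readfile()
// unchanged, so any file readable by www-data can be returned.
//   readfile($_REQUEST['path']);

/**
 * Resolve $userPath below $baseDir and return its canonical path, or null
 * when it escapes the base directory or is not a regular file.
 */
function resolve_contained(string $baseDir, string $userPath): ?string
{
    // Empty values and NUL bytes are never valid file names.
    if ($userPath === '' || strpos($userPath, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; false means "does not exist".
    $full = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($full === false || !is_file($full)) {
        return null;
    }
    // Compare against the base plus a trailing separator so that a sibling
    // such as /var/lib/example/files-old does not pass as a prefix match.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($full, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $full;
}

$requested = (isset($_REQUEST['path']) && is_string($_REQUEST['path']))
    ? $_REQUEST['path'] : '';
$file = resolve_contained(BASE_DIR, $requested);
if ($file === null) {
    http_response_code(404); // same response for "missing" and "outside base"
    exit;
}
header('Content-Type: application/octet-stream');
header('Content-Length: ' . filesize($file));
readfile($file);
```

The containment check runs on the canonical path returned by realpath(), so encoded or nested traversal sequences and symlinks pointing outside the directory are rejected by the same comparison.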
     
Vulnerable Products   Vulnerable OS:
Fedora (Red Hat) - 24, 25
GNU/Linux (Debian) - 7
     
Solution   Fixed zoneminder packages for Fedora 24 and 25 are available.
     
CVE   CVE-2017-5595
     
References   - oss : ZoneMinder - multiple vulnerabilities
http://seclists.org/bugtraq/2017/Feb/6
- Debian Security Tracker : zoneminder
https://security-tracker.debian.org/tracker/CVE-2017-5595
- FEDORA-2017-2bb174ae3c : Fedora 25 Update: zoneminder-1.28.1-8.fc25
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O4REEDSS44EFX6Q5HQ6SWM5HVYRNLNGF/
- FEDORA-2017-d5fb74cd2e : Fedora 24 Update: zoneminder-1.28.1-8.fc24
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25GCK3X4C2XY4YBBWCKSWDEYWBHTJKGV/
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm                                                     Available Since
Misc : Directory traversal - parameter starting with ../            3.2.0
Directory traversal using ..\..                                      3.2.0
Directory traversal                                                  3.2.0
Directory traversal backward root folder                             3.2.0
Misc : Local File Inclusion - suspicious /etc/passwd found in URL    3.5.0
     


 
 
 
 
Risk level   Moderate
Vulnerability First Public Report Date   2017-02-05
Target Type   Server
Possible exploit   Remote