Steffen Joeris
2008-Sep-03 09:54 UTC
[Secure-testing-team] Bug#497640: zoneminder: Several security issues (XSS, SQL injection, Command injection)
Package: zoneminder
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for zoneminder.
CVE-2008-3882[0]:
| ZoneMinder 1.23.3 and earlier allows remote attackers to execute
| arbitrary commands (aka "Command Injection") via (1) the
executeFilter
| function in zm_html_view_events.php and (2) the run_state parameter to
| zm_html_view_state.php.
CVE-2008-3881[1]:
| Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder
| 1.23.3 and earlier allow remote attackers to inject arbitrary web
| script or HTML via unspecified parameters to unspecified
| "zm_html_view_*.php" files.
CVE-2008-3880[2]:
| SQL injection vulnerability in zm_html_view_event.php in ZoneMinder
| 1.23.3 and earlier allows remote attackers to execute arbitrary SQL
| commands via the filter array parameter.
Another security report including all the vulnerabilities can be found here[3].
If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3882
http://security-tracker.debian.net/tracker/CVE-2008-3882
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3881
http://security-tracker.debian.net/tracker/CVE-2008-3881
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3880
http://security-tracker.debian.net/tracker/CVE-2008-3880
[3] http://www.securityfocus.com/archive/1/archive/1/495745/100/0/threaded
Cheers
Steffen