Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:20409
HistoryAug 26, 2008 - 12:00 a.m.

ZoneMinder Multiple Vulnerabilities

2008-08-2600:00:00
vulners.com
47
JSON

ZoneMinder Multiple Vulnerabilities

by Filip Palian <filip (dot) palian (at) pjwstk (dot) edu (dot) pl>

Software affected: ZoneMinder <= 1.23.3

Severity: Critical

Description (from the vendor site):
ZoneMinder is an integrated set of applications which provide a complete surveillance solution
allowing capture, analysis, recording and monitoring of any CCTV or security cameras attached to a
Linux based machine.

Overview:
ZoneMinder is prone to Command Injection, SQL Injcetion and XSS. All attacks are possible because of
lack of user input sanitizing.

I. Command Injection
In the "zm_html_view_events.php" function executeFilter() doesn't validate user input.
In the "zm_html_view_state.php" parameter "run_state" is not validated.

II. SQL Injcetion
In the "zm_html_view_event.php" array "filter" is not validated.

III .XSS
In the "zm_html_view_*.php" multiple XSS exists.

Status:
At the moment no fixes were provided by the vendor. As a workaround restricted access to
authenticated users only and granting the lowest privileges is suggested.

Disclousre timeline:
18 VI 2008 Vulerability sent to the vendor.
18 VI 2008 Initial vendor response.
26 VIII 2008 Security bulletin released.

Link:
http://www.zoneminder.com/

Best regards,
Filip Palian.

JSON