Candidate: CVE-2017-5595
PublicDate: 2017-02-06 17:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5595
 http://seclists.org/bugtraq/2017/Feb/6
 http://seclists.org/fulldisclosure/2017/Feb/11
 https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
 http://www.openwall.com/lists/oss-security/2017/02/05/1
Description:
 A file disclosure and inclusion vulnerability exists in web/views/file.php
 in ZoneMinder 1.x through v1.30.0 because of unfiltered user-input being
 passed to readfile(), which allows an authenticated attacker to read local
 system files (e.g., /etc/passwd) in the context of the web server user
 (www-data). The attack vector is a .. (dot dot) in the path parameter
 within a zm/index.php?view=file&path= request.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=1419507
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N [5.5 MEDIUM]

Patches_zoneminder:
 upstream: https://github.com/ZoneMinder/ZoneMinder/commit/8b19fca9927cdec07cc9dd09bdcf2496a5ae69b3
upstream_zoneminder: needs-triage
precise_zoneminder: ignored (reached end-of-life)
precise/esm_zoneminder: DNE (precise was needed)
trusty_zoneminder: ignored (reached end-of-life)
trusty/esm_zoneminder: DNE (trusty was needed)
vivid/stable-phone-overlay_zoneminder: DNE
vivid/ubuntu-core_zoneminder: DNE
xenial_zoneminder: ignored (end of standard support, was needed)
yakkety_zoneminder: ignored (reached end-of-life)
zesty_zoneminder: ignored (reached end-of-life)
artful_zoneminder: ignored (reached end-of-life)
bionic_zoneminder: DNE
cosmic_zoneminder: not-affected
disco_zoneminder: not-affected
eoan_zoneminder: not-affected
focal_zoneminder: not-affected
groovy_zoneminder: not-affected
hirsute_zoneminder: not-affected
impish_zoneminder: not-affected
jammy_zoneminder: not-affected
devel_zoneminder: not-affected