ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2009-04-27 22:30
Updated : 2024-02-04 17:33
NVD link : CVE-2008-6755
Mitre link : CVE-2008-6755
CVE.ORG link : CVE-2008-6755
JSON object : View
Products Affected
zoneminder
- zoneminder
redhat
- fedora
CWE
CWE-264
Permissions, Privileges, and Access Controls