Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6756

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2008-6756
Last Modified 13 May 2009 01:25:41
Published 27 Apr 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-6756

Summary

ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.conf, which allows local users to obtain the database username and password by reading this file.

Vulnerable Systems

Application

  • Zoneminder 1.23.3


References

XF - zoneminder-etczmconf-info-disclosure(50325)

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=250715


Last Updated: 27 May 2016 10:49:20