Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-0232HistoryMar 20, 2013 - 3:55 p.m.
CVE-2013-0232
2013-03-2015:55:00
Debian Security Bug Tracker
security-tracker.debian.org
17
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.648
Percentile
97.9%
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | zoneminder | < 1.25.0-4 | zoneminder_1.25.0-4_all.deb |
| Debian | 11 | all | zoneminder | < 1.25.0-4 | zoneminder_1.25.0-4_all.deb |
| Debian | 999 | all | zoneminder | < 1.25.0-4 | zoneminder_1.25.0-4_all.deb |
Related
metasploit
metasploit
ZoneMinder Video Server packageControl Command Execution
2013-01-22 12:26:50
prion
prion
Command injection
2013-03-20 15:55:00
ubuntucve
ubuntucve
CVE-2013-0232
2013-03-20 00:00:00
nvd
nvd
CVE-2013-0232
2013-03-20 15:55:00
cvelist
cvelist
CVE-2013-0232
2013-03-20 15:00:00
cve
cve
CVE-2013-0232
2013-03-20 15:55:00
checkpoint_advisories
checkpoint_advisories
ZoneMinder Video Server packageControl Command Execution (CVE-2013-0232)
2014-06-25 00:00:00
nessus
nessus
Debian DSA-2640-1 : zoneminder - several issues
2013-03-15 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2640-1] zoneminder security update
2013-05-06 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2640-1)
2013-03-13 00:00:00
Debian Security Advisory DSA 2640-1 (zoneminder - several issues)
2013-03-14 00:00:00
exploitdb
exploitdb
ZoneMinder Video Server - packageControl Command Execution (Metasploit)
2013-01-24 00:00:00
debian
debian
[SECURITY] [DSA 2640-1] zoneminder security update
2013-03-14 18:04:52
osv
osv
zoneminder - several issues
2013-03-14 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.648
Percentile
97.9%
Related for DEBIANCVE:CVE-2013-0232