ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-04-27T22:00:00
Updated: 2024-08-07T11:42:00.804Z
Reserved: 2009-04-27T00:00:00
Link: CVE-2008-6755
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-04-27T22:30:00.217
Modified: 2024-11-21T00:57:23.033
Link: CVE-2008-6755
Redhat
No data.