Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 219694 (CVE-2008-1381)

Summary: www-misc/zoneminder <1.23.3 Unspecified Code Execution Vulnerabilities (CVE-2008-1381,CVE-2008-2033)
Product: Gentoo Security Reporter: Joel <smoothp9nguin>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: web-apps
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/29995/
Whiteboard: ~1 [noglsa]
Package list:
Runtime testing required: ---

Description Joel 2008-04-29 09:05:16 UTC 
Secunia:

Description:
Some vulnerabilities have been reported in ZoneMinder, which potentially can be exploited by malicious users to compromise a vulnerable system.

The vulnerabilities are caused due to unspecified errors and can be exploited to execute arbitrary code.

Solution:
Update to version 1.23.3.

Original Advisory:
http://www.zoneminder.com/wiki/index.php/Change_History#Release_1.23.3
Comment 1 Joel 2008-04-29 09:28:48 UTC 
http://www.awe.com/mark/blog/200804272230.html (thanks to thoger)
Comment 2 Gunnar Wrobel (RETIRED) gentoo-dev 2008-05-06 10:01:42 UTC 
zoneminder-1.23.3 is in the tree. All versions were marked unstable and I'm going to remove the older versions once I got feedback that the newer ebuild works fine.
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-05-06 15:34:57 UTC 
thanks, closing then.