Covered by FixVibehigh

ZoneMinder Apache配置信息泄露（CVE-2016-10140） ZXCVFIXVIBESEND ZXCVFIXVIBESEG1 ZoneMinder 1.29 和 1.30 包含 Apache 错误配置，允许未经身份验证的目录浏览和潜在的身份验证绕过。 ZXCVFIXVIBESEND ZXCVFIXVIBESEG2 ZoneMinder 版本 1.29 和 1.30 受到捆绑的 Apache HTTP Server 配置错误的影响。此缺陷允许未经身份验证的远程攻击者浏览 Web 根目录，可能导致敏感信息泄露和身份验证绕过。 ZXCVFIXVIBESEND ZXCVFIXVIBESEG3 ## 影响 ZXCVFIXVIBESEND ZXCVFIXVIBESEG4 未经身份验证的远程攻击者可以浏览 ZoneMinder 安装 CVE-2016-10140 的 Web 根目录内的目录。这种暴露会导致敏感系统信息的泄露，并可能导致完全的身份验证绕过，从而允许对应用程序的管理界面 ZXCVFIXVIBETOKEN1ZXCV 进行未经授权的访问。 ZXCVFIXVIBESEND ZXCVFIXVIBESEG5 ## 根本原因 ZXCVFIXVIBESEND ZXCVFIXVIBESEG6 该漏洞是由与 ZoneMinder 版本 1.29 和 1.30 CVE-2016-10140 捆绑的有缺陷的 Apache HTTP Server 配置引起的。配置无法限制目录索引，这会导致 Web 服务器向未经身份验证的用户 ZXCVFIXVIBETOKEN1ZXCV 提供目录列表。 ZXCVFIXVIBESEND ZXCVFIXVIBESEG7 ## 修复 ZXCVFIXVIBESEND ZXCVFIXVIBESEG8 要解决此问题，管理员应将 ZoneMinder 更新到包含更正的 Web 服务器配置 CVE-2016-10140 的版本。如果无法立即升级，则应手动强化与 ZoneMinder 安装相关的 Apache 配置文件，以禁用目录索引并对 Web 根 ZXCVFIXVIBETOKEN1ZXCV 实施严格的访问控制。 ZXCVFIXVIBESEND ZXCVFIXVIBESEG9 ## 检测研究 ZXCVFIXVIBESEND ZXCVFIXVIBESEG10 对此漏洞的研究表明，检测涉及识别 ZoneMinder 实例并尝试在未经身份验证的情况下访问 Web 根目录或已知子目录 CVE-2016-10140。当不存在有效会话 ZXCVFIXVIBETOKEN1ZXCV 时，HTTP 响应正文中是否存在标准目录列表模式（例如“Index of /”字符串）通常表明存在易受攻击的状态。

ZoneMinder versions 1.29 and 1.30 are affected by a bundled Apache HTTP Server misconfiguration. This flaw allows remote, unauthenticated attackers to browse the web root directory, potentially leading to sensitive information disclosure and authentication bypass.

CVE-2016-10140CWE-200

Impact

A remote, unauthenticated attacker can browse directories within the web root of a ZoneMinder installation [S1]. This exposure allows for the disclosure of sensitive system information and can lead to a complete authentication bypass, granting unauthorized access to the application's management interface [S1].

Root Cause

The vulnerability is caused by a flawed Apache HTTP Server configuration bundled with ZoneMinder versions 1.29 and 1.30 [S1]. The configuration fails to restrict directory indexing, which results in the web server serving directory listings to unauthenticated users [S1].

Remediation

To address this issue, administrators should update ZoneMinder to a version that includes a corrected web server configuration [S1]. If an immediate upgrade is not possible, the Apache configuration files associated with the ZoneMinder installation should be manually hardened to disable directory indexing and enforce strict access controls on the web root [S1].

Detection Research

Research into this vulnerability indicates that detection involves identifying ZoneMinder instances and attempting to access the web root or known subdirectories without authentication [S1]. A vulnerable state is typically indicated by the presence of standard directory listing patterns, such as the "Index of /" string, in the HTTP response body when no valid session is present [S1].