VID |
21967 |
Severity |
30 |
Port |
80, ... |
Protocol |
TCP |
Class |
CGI |
Detailed Description |
Gallery, a Web-based photo album program written in PHP, is affected by a directory traversal vulnerability in its ZipCart module. In Gallery versions prior to 2.0.2 with the zipcart module installed and activated, a remote attacker could exploit this vulnerability to view arbitrary files and obtain sensitive information on the affected host. The zipcart module is not installed or activated by default, nor is it included in the minimal or typical packages offered by Gallery. Only customers who manually installed the zipcart module could be vulnerable to this issue.
* References:
  * http://archives.neohapsis.com/archives/bugtraq/2005-11/0371.html
  * http://www.securityfocus.com/archive/1/archive/1/418200/100/0/threaded
  * http://www.frsirt.com/english/advisories/2005/2681
  * http://www.frsirt.com/english/reference/1636
  * http://secunia.com/advisories/17747
* Platforms Affected:
  * Bharat Mediratta: Gallery versions prior to 2.0.2
  * Any operating system: Any version |
Recommendation |
Upgrade to the latest version of Gallery (2.0.2 or later), available from the Gallery Project Page Web site at http://codex.gallery2.org/index.php/Gallery2:Download.
As a workaround, deactivate the zipcart module. |
Related URL |
CVE-2005-4023 (CVE) |
Related URL |
15614 (SecurityFocus) |
Related URL |
23343 (ISS) |
|