Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.4
CVE Id: CVE-2006-1128
Last Modified: 07 Mar 2011 09:32:07
Published: 09 Mar 2006 05:02:00
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2006-1128

Summary

Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.

Vulnerable Systems

Application

  • Gallery Project Gallery 2.0

  • Gallery Project Gallery 2.0 Alpha

  • Gallery Project Gallery 2.0 Alpha1

  • Gallery Project Gallery 2.0 Alpha2

  • Gallery Project Gallery 2.0 Alpha3

  • Gallery Project Gallery 2.0 Alpha4

  • Gallery Project Gallery 2.0 Beta1

  • Gallery Project Gallery 2.0 Beta2

  • Gallery Project Gallery 2.0 Beta3

  • Gallery Project Gallery 2.0.1

  • Gallery Project Gallery 2.0.2


References

SECTRACK - 1015717

SECUNIA - 19104

VUPEN - ADV-2006-0813

OSVDB - 23597

MISC - http://www.gulftech.org/?node=research&article_id=00106-03022006

BUGTRAQ - 20060303 Gallery 2 Multiple Vulnerabilities

XF - gallery-sessionid-bypass-security(25118)

BID - 16948

CONFIRM - http://gallery.menalto.com/gallery_2.0.3_released


Last Updated: 27 May 2016 10:41:56