Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6361


Vulnerability Score 5.0 5.0
CVE Id CVE-2007-6361
Last Modified 15 Nov 2008 02:04:23
Published 14 Dec 2007 08:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by .htaccess in most deployments that use Apache HTTP Server.

Vulnerable Systems


  • Gekkoware Gekko 0.8.2


XF - gekko-temp-directory-path-disclosure(38735)

BUGTRAQ - 20071128 Re: Gekko <=0.8.2 (temp directory) Path Disclosure

BUGTRAQ - 20071128 Gekko <=0.8.2 (temp directory) Path Disclosure

OSVDB - 44151

SREASON - 3451

Last Updated: 27 May 2016 10:46:28