ID CVE-2006-0330 Type cve Reporter cve@mitre.org Modified 2017-07-20T01:29:00
Description
Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).
{"gentoo": [{"lastseen": "2016-09-06T19:46:52", "bulletinFamily": "unix", "description": "### Background\n\nGallery is a web application written in PHP which is used to organize and publish photo albums. It allows multiple users to build and maintain their own albums. It also supports the mirroring of images on other servers. \n\n### Description\n\nPeter Schumacher discovered that Gallery fails to sanitize the fullname set by users, possibly leading to a cross-site scripting vulnerability. \n\n### Impact\n\nBy setting a specially crafted fullname, an attacker can inject and execute script code in the victim's browser window and potentially compromise the user's gallery. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Gallery users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/gallery-1.5.2\"\n\nNote: Users with the vhosts USE flag set should manually use webapp-config to finalize the update.", "modified": "2006-01-26T00:00:00", "published": "2006-01-26T00:00:00", "id": "GLSA-200601-13", "href": "https://security.gentoo.org/glsa/200601-13", "type": "gentoo", "title": "Gallery: Cross-site scripting vulnerability", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "description": "## Vulnerability Description\nThe Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the fullname set by users. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nUpgrade to version 1.5.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nThe Gallery contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the fullname set by users. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## References:\nVendor Specific News/Changelog Entry: http://bugs.gentoo.org/show_bug.cgi?id=119590\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1148)\n[Secunia Advisory ID:18557](https://secuniaresearch.flexerasoftware.com/advisories/18557/)\n[Secunia Advisory ID:18627](https://secuniaresearch.flexerasoftware.com/advisories/18627/)\n[Secunia Advisory ID:21502](https://secuniaresearch.flexerasoftware.com/advisories/21502/)\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200601-13.xml\nOther Advisory URL: http://gallery.menalto.com/page/gallery_1_5_2_release\nFrSIRT Advisory: ADV-2006-0282\n[CVE-2006-0330](https://vulners.com/cve/CVE-2006-0330)\nBugtraq ID: 16334\n", "modified": "2006-01-19T03:33:20", "published": "2006-01-19T03:33:20", "href": "https://vulners.com/osvdb/OSVDB:22660", "id": "OSVDB:22660", "type": "osvdb", "title": "The Gallery User Name XSS", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "nessus": [{"lastseen": "2020-01-01T07:47:47", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200601-13\n(Gallery: XSS vulnerability)\n\n Peter Schumacher discovered that Gallery fails to sanitize the\n fullname set by users, possibly leading to a cross-site scripting\n vulnerability.\n \nImpact :\n\n By setting a specially crafted fullname, an attacker can inject\n and execute script code in the victim", "modified": "2020-01-02T00:00:00", "id": "GENTOO_GLSA-200601-13.NASL", "href": "https://www.tenable.com/plugins/nessus/20815", "published": "2006-01-29T00:00:00", "title": "GLSA-200601-13 : Gallery: XSS vulnerability", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200601-13.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20815);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:43\");\n\n script_cve_id(\"CVE-2006-0330\");\n script_xref(name:\"GLSA\", value:\"200601-13\");\n\n script_name(english:\"GLSA-200601-13 : Gallery: XSS vulnerability\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200601-13\n(Gallery: XSS vulnerability)\n\n Peter Schumacher discovered that Gallery fails to sanitize the\n fullname set by users, possibly leading to a cross-site scripting\n vulnerability.\n \nImpact :\n\n By setting a specially crafted fullname, an attacker can inject\n and execute script code in the victim's browser window and potentially\n compromise the user's gallery.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://gallery.menalto.com/page/gallery_1_5_2_release\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://galleryproject.org/page/gallery_1_5_2_release\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200601-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Gallery users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/gallery-1.5.2'\n Note: Users with the vhosts USE flag set should manually use\n webapp-config to finalize the update.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gallery\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apps/gallery\", unaffected:make_list(\"ge 1.5.2\"), vulnerable:make_list(\"lt 1.5.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Gallery\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-01T06:51:38", "bulletinFamily": "scanner", "description": "Several remote vulnerabilities have been discovered in gallery, a\nweb-based photo album. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2005-2734\n A cross-site scripting vulnerability allows injection of\n web script code through HTML or EXIF information.\n\n - CVE-2006-0330\n A cross-site scripting vulnerability in the user\n registration allows injection of web script code.\n\n - CVE-2006-4030\n Missing input sanitising in the stats modules allows\n information disclosure.", "modified": "2020-01-02T00:00:00", "id": "DEBIAN_DSA-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/22690", "published": "2006-10-14T00:00:00", "title": "Debian DSA-1148-1 : gallery - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1148. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22690);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:19\");\n\n script_cve_id(\"CVE-2005-2734\", \"CVE-2006-0330\", \"CVE-2006-4030\");\n script_xref(name:\"DSA\", value:\"1148\");\n\n script_name(english:\"Debian DSA-1148-1 : gallery - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several remote vulnerabilities have been discovered in gallery, a\nweb-based photo album. The Common Vulnerabilities and Exposures\nproject identifies the following problems :\n\n - CVE-2005-2734\n A cross-site scripting vulnerability allows injection of\n web script code through HTML or EXIF information.\n\n - CVE-2006-0330\n A cross-site scripting vulnerability in the user\n registration allows injection of web script code.\n\n - CVE-2006-4030\n Missing input sanitising in the stats modules allows\n information disclosure.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2005-2734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-0330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-1148\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gallery package.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.5-1sarge2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gallery\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"gallery\", reference:\"1.5-1sarge2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2017-07-24T12:50:15", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200601-13.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56225", "id": "OPENVAS:56225", "title": "Gentoo Security Advisory GLSA 200601-13 (gallery)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gallery is possibly vulnerable to a cross-site scripting attack that could\nallow arbitrary JavaScript code execution.\";\ntag_solution = \"All Gallery users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/gallery-1.5.2'\n\nNote: Users with the vhosts USE flag set should manually use webapp-config\nto finalize the update.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200601-13\nhttp://bugs.gentoo.org/show_bug.cgi?id=119590\nhttp://gallery.menalto.com/page/gallery_1_5_2_release\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200601-13.\";\n\n \n\nif(description)\n{\n script_id(56225);\n script_cve_id(\"CVE-2006-0330\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_name(\"Gentoo Security Advisory GLSA 200601-13 (gallery)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-apps/gallery\", unaffected: make_list(\"ge 1.5.2\"), vulnerable: make_list(\"lt 1.5.2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:11", "bulletinFamily": "scanner", "description": "The remote host is missing an update to gallery\nannounced via advisory DSA 1148-1.\n\nSeveral remote vulnerabilities have been discovered in gallery, a web-based\nphoto album. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2005-2734\n\nA cross-site scripting vulnerability allows injection of web script\ncode through HTML or EXIF information.\n\nCVE-2006-0330\n\nA cross-site scripting vulnerability in the user registration allows\ninjection of web script code.\n\nCVE-2006-4030\n\nMissing input sanitising in the stats modules allows information\ndisclosure.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=57264", "id": "OPENVAS:57264", "title": "Debian Security Advisory DSA 1148-1 (gallery)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1148_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1148-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 1.5-1sarge2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5-2.\n\nWe recommend that you upgrade your gallery package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201148-1\";\ntag_summary = \"The remote host is missing an update to gallery\nannounced via advisory DSA 1148-1.\n\nSeveral remote vulnerabilities have been discovered in gallery, a web-based\nphoto album. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2005-2734\n\nA cross-site scripting vulnerability allows injection of web script\ncode through HTML or EXIF information.\n\nCVE-2006-0330\n\nA cross-site scripting vulnerability in the user registration allows\ninjection of web script code.\n\nCVE-2006-4030\n\nMissing input sanitising in the stats modules allows information\ndisclosure.\";\n\n\nif(description)\n{\n script_id(57264);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:13:11 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2734\", \"CVE-2006-0330\", \"CVE-2006-4030\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Debian Security Advisory DSA 1148-1 (gallery)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gallery\", ver:\"1.5-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "debian": [{"lastseen": "2019-05-30T02:21:44", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1148-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 9th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : gallery\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2005-2734 CVE-2006-0330 CVE-2006-4030\nDebian Bug : 325285\n\nSeveral remote vulnerabilities have been discovered in gallery, a web-based\nphoto album. The Common Vulnerabilities and Exposures project identifies\nthe following problems:\n\nCVE-2005-2734\n\n A cross-site scripting vulnerability allows injection of web script\n code through HTML or EXIF information.\n\nCVE-2006-0330\n\n A cross-site scripting vulnerability in the user registration allows\n injection of web script code.\n\nCVE-2006-4030\n\n Missing input sanitising in the stats modules allows information\n disclosure.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 1.5-1sarge2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.5-2.\n\nWe recommend that you upgrade your gallery package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gallery/gallery_1.5-1sarge2.dsc\n Size/MD5 checksum: 589 f66813dbb5218b6cae62345331e73de0\n http://security.debian.org/pool/updates/main/g/gallery/gallery_1.5-1sarge2.diff.gz\n Size/MD5 checksum: 15917 4f2cb50ce35dcdce2af96dc251ee695f\n http://security.debian.org/pool/updates/main/g/gallery/gallery_1.5.orig.tar.gz\n Size/MD5 checksum: 6654533 7d610b59e7bf9edbbfa0abb38e041754\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/g/gallery/gallery_1.5-1sarge2_all.deb\n Size/MD5 checksum: 6570476 5fd487a3d9973eb95af4eb4ee85cf545\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2006-08-09T00:00:00", "published": "2006-08-09T00:00:00", "id": "DEBIAN:DSA-1148-1:40EDB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00237.html", "title": "[SECURITY] [DSA 1148-1] New gallery packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}
