Lucene search
PRIOn knowledge basePRION:CVE-2008-4129HistorySep 18, 2008 - 8:00 p.m.
Directory traversal
2008-09-1820:00:00
PRIOn knowledge base
www.prio-n.com
4
Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality.
References
gallery.menalto.com/gallery_1.5.9_released
gallery.menalto.com/gallery_2.2.6_released
secunia.com/advisories/31912
secunia.com/advisories/32662
secunia.com/advisories/33144
security.gentoo.org/glsa/glsa-200811-02.xml
www.securityfocus.com/bid/31231
exchange.xforce.ibmcloud.com/vulnerabilities/45228
www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html
www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html
Related
ubuntucve
ubuntucve
CVE-2008-4129
2008-09-18 00:00:00
nvd
nvd
CVE-2008-4129
2008-09-18 20:00:00
cve
cve
CVE-2008-4129
2008-09-18 20:00:00
cvelist
cvelist
CVE-2008-4129
2008-09-18 20:00:00
openvas
openvas
FreeBSD Ports: gallery
2008-09-24 00:00:00
FreeBSD Ports: gallery
2008-09-24 00:00:00
Fedora Update for gallery2 FEDORA-2008-11258
2009-02-13 00:00:00
nessus
nessus
Fedora 9 : gallery2-2.3-1.fc9 (2008-11258)
2008-12-15 00:00:00
Fedora 8 : gallery2-2.3-1.fc8 (2008-11230)
2008-12-15 00:00:00
Fedora 10 : gallery2-2.3-1.fc10 (2008-11218)
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: gallery2-2.3-1.fc8
2008-12-13 15:03:15
[SECURITY] Fedora 9 Update: gallery2-2.3-1.fc9
2008-12-13 15:08:04
[SECURITY] Fedora 10 Update: gallery2-2.3-1.fc10
2008-12-13 15:01:20
gentoo
gentoo
Gallery: Multiple vulnerabilities
2008-11-09 00:00:00
securityvulns
securityvulns