Executive Summary

Summary
Title: Remote execution exploit in gallery
Information
Name: DSA-138
First vendor publication: 2002-08-01
Vendor: Debian
Last vendor modification: 2002-08-01
Severity (Vendor): N/A
Revision: 1

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

CVSS vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score: 7.5
Attack Range: Network
CVSS Impact Score: 6.4
Attack Complexity: Low
CVSS Exploit Score: 10
Authentication: None Required

Detail

A problem was found in gallery (a web-based photo album toolkit): it was possible to pass in the GALLERY_BASEDIR variable remotely. This made it possible to execute commands under the uid of the web server.

This has been fixed in version 1.2.5-7 of the Debian package and upstream version 1.3.1.

Original Source

Url : http://www.debian.org/security/2002/dsa-138

CPE : Common Platform Enumeration

Type Description Count
Application 10

OpenVAS Exploits

Date Description
2008-09-04 Name : FreeBSD Ports: gallery
File : nvt/freebsd_gallery0.nasl
2008-01-17 Name : Debian Security Advisory DSA 138-1 (gallery)
File : nvt/deb_138_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
10359 Gallery captionator.php GALLERY_BASEDIR Parameter Remote File Inclusion

Snort® IPS/IDS

Date Description
2016-05-03 Bharat Mediratta Gallery PHP file inclusion attempt
RuleID : 38371 - Revision : 2 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-138.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:26:54
  • Multiple Updates