Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2006-1219

Directory traversal vulnerability in Gallery 2.0.3 and earlier, and 2.1 before RC-2a, allows remote attackers to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.

Related bugs and status

CVE-2006-1219 (Candidate) is related to these bugs:

Bug #35528: security hole in 2.0.2/2.0.3

		In	Importance	Status
35528	security hole in 2.0.2/2.0.3	gallery2 (Ubuntu)	High	Fix Released
35528	security hole in 2.0.2/2.0.3	gallery2 (Ubuntu Dapper)	Undecided	Fix Released
35528	security hole in 2.0.2/2.0.3	gallery2 (Ubuntu Breezy)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://gallery.menalto...
SECUNIA: 19175
BID: 17051
VUPEN: ADV-2006-0895
XF: gallery-multiple-index...
EXPLOIT-DB: 1566