What Are You Looking For?

Sign Up

- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-06
- - ---------------------------------------------------------------------

          PACKAGE : gallery
          SUMMARY : cross site scripting
             DATE : 2003-09-02 11:11 UTC
          EXPLOIT : remote
VERSIONS AFFECTED : =gallery-1.3.4_p1
              CVE : CAN-2003-0614

- - ---------------------------------------------------------------------

quote from cve:

"Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1
through 1.3.4 allows remote attackers to insert arbitrary web script via
the searchstring parameter."

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-misc/gallery upgrade to gallery-1.3.4_p1 as follows:

emerge sync
emerge gallery
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Gentoo: 'gallery' cross-site scripting vulnerability

Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1through 1.3.4 allows remote attackers to insert arbitrary web script viathe searchstring parameter.

Summary


- - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-06
- - ---------------------------------------------------------------------

- - ---------------------------------------------------------------------

quote from cve:

"Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1
through 1.3.4 allows remote attackers to insert arbitrary web script via
the searchstring parameter."

SOLUTION

It is recommended that all Gentoo Linux users who are running
app-misc/gallery upgrade to gallery-1.3.4_p1 as follows:

emerge sync
emerge gallery
emerge clean

- - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - ---------------------------------------------------------------------

Resolution

References

Availability

Concerns

Severity
PACKAGE : gallery
SUMMARY : cross site scripting
DATE : 2003-09-02 11:11 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =gallery-1.3.4_p1
CVE : CAN-2003-0614

Synopsis

Background

Affected Packages

Impact

Workaround

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

Windows, Linux Systems Targeted in Pro-Hamas BiBi Wiper Malware Attack

Nov 15, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo