Gentoo: GLSA-200409-05 Normal: Gallery Command Execution Issue
gentoo
September 2, 2004
The Gallery image upload code contains a temporary file handling vulnerability which could lead to execution of arbitrary commands.
Summary
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200409-05
https://security.gentoo.org/
Severity: Normal
Title: Gallery: Arbitrary command execution
Date: September 02, 2004
Bugs: #60742
ID: 200409-05
Synopsis
=======
The Gallery image upload code contains a temporary file handling
vulnerability which could lead to execution of arbitrary commands.
Background
=========
Gallery is a PHP script for maintaining online photo albums.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apps/gallery < 1.4.4_p2 >= 1.4.4_p2
==========
The upload handling code in Gallery places uploaded files in a
temporary directory. After 30 seco...Read the Full Advisory
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3312549_4c9dbbdde36eef04251a4ced7eac4df9 on line 11
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!