[VIM] Gallery LFI - third party disputed vs vendor
George A. Theall
theall at tenablesecurity.com
Tue Sep 2 15:35:43 UTC 2008
On Aug 24, 2008, at 6:02 AM, security curmudgeon wrote:
> CVE-2008-3600
>
> Disclosure and Dispute:
> http://archives.neohapsis.com/archives/bugtraq/2008-08/0091.html
> http://archives.neohapsis.com/archives/bugtraq/2008-08/0115.html
>
> Vendor:
> http://gallery.menalto.com/gallery_1.5.8_released
>
> One security issue was reported to us in private by the Digital
> Security Research Group [DSecRG] who were professional and are
> waiting until after this release to publish their findings.
>
> --
>
> who's right? =)
DSecRG -- gallery doesn't have much under "contrib/phpBB2" other than
"modules.php" and some text files:
http://gallery.svn.sourceforge.net/viewvc/gallery/tags/RELEASE_1_5_7/gallery/contrib/phpBB2/
There is no "extension.inc". Nor is there anything matching "common.*"
or "includes/functions.*", which makes me wonder why DSecRG's PoC uses
a directory traversal sequence to grab "/etc/passwd".
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list