CVE-2008-4129 - OpenCVE

Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gallery	Gallery

Configuration 1 [-]

OR	cpe:2.3:a:gallery:gallery::::::::
	cpe:2.3:a:gallery:gallery:2.2.0:::::::*
	cpe:2.3:a:gallery:gallery:2.2.1:::::::*
	cpe:2.3:a:gallery:gallery:2.2.2:::::::*
	cpe:2.3:a:gallery:gallery:2.2.3:::::::*
	cpe:2.3:a:gallery:gallery:2.2.4:::::::*

Configuration 2 [-]

cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://gallery.menalto.com/gallery_1.5.9_released
http://gallery.menalto.com/gallery_2.2.6_released
http://secunia.com/advisories/31912
http://secunia.com/advisories/32662
http://secunia.com/advisories/33144
http://security.gentoo.org/glsa/glsa-200811-02.xml
http://www.securityfocus.com/bid/31231
https://exchange.xforce.ibmcloud.com/vulnerabilities/45228
https://nvd.nist.gov/vuln/detail/CVE-2008-4129
https://www.cve.org/CVERecord?id=CVE-2008-4129
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html
https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-09-18T20:00:00

Updated: 2024-08-07T10:08:34.912Z

Reserved: 2008-09-18T00:00:00

Link: CVE-2008-4129

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-09-18T20:00:00.577

Modified: 2017-08-08T01:32:26.513

Link: CVE-2008-4129

Redhat

Severity : Moderate

Publid Date: 2008-09-18T00:00:00Z

Links: CVE-2008-4129 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-09-18T00:00:00", "descriptions": [{"lang": "en", "value": "Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-200811-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200811-02.xml"}, {"name": "33144", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33144"}, {"name": "gallery-ziparchives-information-disclosure(45228)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45228"}, {"name": "31912", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31912"}, {"name": "32662", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32662"}, {"name": "FEDORA-2008-11258", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html"}, {"name": "31231", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31231"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://gallery.menalto.com/gallery_2.2.6_released"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://gallery.menalto.com/gallery_1.5.9_released"}, {"name": "FEDORA-2008-11230", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-4129", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-200811-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200811-02.xml"}, {"name": "33144", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33144"}, {"name": "gallery-ziparchives-information-disclosure(45228)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45228"}, {"name": "31912", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31912"}, {"name": "32662", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32662"}, {"name": "FEDORA-2008-11258", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html"}, {"name": "31231", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31231"}, {"name": "http://gallery.menalto.com/gallery_2.2.6_released", "refsource": "CONFIRM", "url": "http://gallery.menalto.com/gallery_2.2.6_released"}, {"name": "http://gallery.menalto.com/gallery_1.5.9_released", "refsource": "CONFIRM", "url": "http://gallery.menalto.com/gallery_1.5.9_released"}, {"name": "FEDORA-2008-11230", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:08:34.912Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-200811-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200811-02.xml"}, {"name": "33144", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33144"}, {"name": "gallery-ziparchives-information-disclosure(45228)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45228"}, {"name": "31912", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31912"}, {"name": "32662", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32662"}, {"name": "FEDORA-2008-11258", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html"}, {"name": "31231", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31231"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://gallery.menalto.com/gallery_2.2.6_released"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://gallery.menalto.com/gallery_1.5.9_released"}, {"name": "FEDORA-2008-11230", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-4129", "datePublished": "2008-09-18T20:00:00", "dateReserved": "2008-09-18T00:00:00", "dateUpdated": "2024-08-07T10:08:34.912Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*", "matchCriteriaId": "F63EDF9A-1818-41D4-96EF-DFF61994C27F", "versionEndIncluding": "2.2.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallery:gallery:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CAD2DDED-A01D-4026-B8C3-0DA916466D1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallery:gallery:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D400C30B-BD93-4419-BEC2-24A470F5E473", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallery:gallery:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8180C4E9-EFC9-438C-AAAF-B09B838CA17E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallery:gallery:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2ED9F1B-D3BD-42BA-8300-6A719A577F7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:gallery:gallery:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A821D29-75FA-4A6D-BE1A-D11906FA188D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gallery:gallery:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2630CD9-31D8-4E24-B518-03D94B3383B9", "versionEndIncluding": "1.5.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive upload (aka zip upload) functionality."}, {"lang": "es", "value": "Gallery, versiones anteriores a 1.5.9, y 2.x y versiones anteriores a 2.2.6, no trata adecuadamente archivos ZIP que contienen enlaces simb\u00f3licos, el cual permite a los usuarios remotos autentificados manejar los ataques de salto de directorio y leer archivos arbitrariamente a trav\u00e9s de vectores relativos a el fichero cargado funcionalmente (alias zip cargado)."}], "id": "CVE-2008-4129", "lastModified": "2017-08-08T01:32:26.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-09-18T20:00:00.577", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://gallery.menalto.com/gallery_1.5.9_released"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://gallery.menalto.com/gallery_2.2.6_released"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/31912"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/32662"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/33144"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200811-02.xml"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/31231"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45228"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00794.html"}, {"source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg00832.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}