Bug 234119 (CVE-2008-3481) - www-apps/coppermine <1.4.19 Code injection, path disclosure (CVE-2008-{3481,3486})
Status: RESOLVED FIXED
Alias: CVE-2008-3481
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
URL: http://forum.coppermine-gallery.net/i...
Whiteboard: ~1? [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-08-06 18:54 UTC by Robert Buchholz (RETIRED)
Modified: 2008-09-07 17:57 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
coppermine poc (coppermine_POC.text,7.66 KB, text/plain)
2008-08-09 17:07 UTC, Emanuele Gentili
CVE-2008-3481.patch (CVE-2008-3481.patch,2.70 KB, text/plain)
2008-08-09 17:57 UTC, Emanuele Gentili

Description Robert Buchholz (RETIRED) gentoo-dev 2008-08-06 18:54:55 UTC
CVE-2008-3481 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3481):
  themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and earlier
  allows remote attackers to obtain sensitive information via a direct request,
  which reveals the installation path in an error message.
Comment 1 Emanuele Gentili 2008-08-09 17:07:19 UTC
Created attachment 162581 [details]
coppermine poc
Comment 2 Emanuele Gentili 2008-08-09 17:57:14 UTC
Created attachment 162585 [details]
CVE-2008-3481.patch
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-08-15 11:06:17 UTC
CVE-2008-3486 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3486):
  Directory traversal vulnerability in the user_get_profile function in
  include/functions.inc.php in Coppermine Photo Gallery (CPG) 1.4.18 and
  earlier, when the charset is utf-8, allows remote attackers to include and
  execute arbitrary local files via a .. (dot dot) in the lang part of
  serialized data in an _data cookie.
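
One way to constrain a cookie-supplied language name before it reaches an include, as an added PHP example; it is not Coppermine's code and not the patch attached to this bug. The function name `resolve_lang_file`, the one-file-per-language directory layout and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added illustration; not Coppermine code. All names here are hypothetical.

// Map an untrusted language name to a file directly inside $langDir,
// or return null when the name must not be used.
function resolve_lang_file(string $langDir, $lang): ?string
{
    // Data decoded from a cookie can be any type; accept strings only.
    if (!is_string($lang)) {
        return null;
    }
    // Character allowlist: excludes '.', '/', '\' and NUL bytes.
    if (!preg_match('/\A[a-z0-9_-]{1,32}\z/', $lang)) {
        return null;
    }
    $base = realpath($langDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves symlinks and returns false for missing files;
    // the resolved file must still sit directly in the language directory.
    $file = realpath($base . DIRECTORY_SEPARATOR . $lang . '.php');
    if ($file === false || dirname($file) !== $base) {
        return null;
    }
    return $file;
}

// Constructed demo: a temporary language directory holding one file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lang_demo_' . getmypid();
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'english.php', "<?php\n");

// Constructed inputs standing in for the "lang" value taken from a cookie.
$samples = ['english', '../../outside/file', 'english/../english', "english\0", ['x'], 'missing'];
foreach ($samples as $s) {
    $file = resolve_lang_file($dir, $s);
    $shown = json_encode($s, JSON_UNESCAPED_SLASHES);
    printf("%-24s => %s\n", $shown, $file === null ? 'rejected' : 'accepted');
}

unlink($dir . DIRECTORY_SEPARATOR . 'english.php');
rmdir($dir);
```

Only `english` is accepted; the caller should fall back to a fixed default language whenever the function returns null.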
Comment 4 Gunnar Wrobel (RETIRED) gentoo-dev 2008-09-07 17:52:52 UTC
Added coppermine-1.4.19, removed 1.4.16, 1.4.18, unstable on all arches, webapps done.
Comment 5 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-09-07 17:57:32 UTC
Thanks, closing without GLSA.