[VIM] CVE-2006-4030 - Gallery Stats Module

security curmudgeon jericho at attrition.org
Thu Oct 5 04:57:27 EDT 2006


Finally! This CVE has been locked for ages now, taunting me on the OSVDB 
backend.. waiting to find out what it cross references to =)

CVE-2006-4030
Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and 
earlier allows remote attackers to obtain sensitive information via 
unspecified attack vectors, related to "two file exposure bugs."

Based on "Gallery" + "Stats Module" + "1.5.1-RC2", this should track to 
OSVDB 19159:

19159: The Gallery Stats Module Unspecified File Disclosure
2005-09-01
http://gallery.sourceforge.net/
http://cvs.sourceforge.net/viewcvs.py/gallery/gallery/ChangeLog?rev=HEAD&content-type=text/vnd.viewcvs-markup

Changelog:
2005-08-24 Jay Rossiter <cryptographite at users.sf.net> 1.5.1-RC3-cvs-b13
  	* Fix: Prevent file exposure bug in stats module (thanks to ilia)

--

Now, CVE-2006-4030 says "two file exposure bugs" and the changelog says 
"file exposure bug" (singular). Looking at the debian bug report we see:

Date: Sat, 27 Aug 2005 17:21:56 +0000
Changes:
  gallery (1.5-2) unstable; urgency=high
    * SECURITY:
      + Fix two file exposure bugs in stats module.


So.. i'd hazard a guess that the Gallery developers/author noticed one 
file exposure bug back on 2005-08-24 and fixed it, but a closer inspection 
a few days later found a second?

Also, CVE-2006-4030 tracks to Secunia 16594 which mentions a single file 
disclosure vuln.

So, for OSVDB, i'm keeping our 19159 entry to track to the first of the 
two issues, dated 2005-08-24 (changelog), and creating a new one (29350) 
that will cross with CVE-2006-4030 dated 2005-08-27 (other 
changelog/debian bug comment).


More information about the VIM mailing list