[VIM] Gallery LFI - third party disputed vs vendor

George A. Theall theall at tenablesecurity.com
Tue Sep 2 15:35:43 UTC 2008

On Aug 24, 2008, at 6:02 AM, security curmudgeon wrote:

> CVE-2008-3600
> Disclosure and Dispute:
> http://archives.neohapsis.com/archives/bugtraq/2008-08/0091.html
> http://archives.neohapsis.com/archives/bugtraq/2008-08/0115.html
> Vendor:
> http://gallery.menalto.com/gallery_1.5.8_released
> One security issue was reported to us in private by the Digital Security Research Group [DSecRG] who were professional and are waiting until after this release to publish their findings.
> --
> who's right? =)

DSecRG -- gallery doesn't have much under "contrib/phpBB2" other than "modules.php" and some text files:


There is no "extension.inc". Nor is there anything matching "common.*" or "includes/functions.*", which makes me wonder why DSecRG's PoC uses a directory traversal sequence to grab "/etc/passwd".

theall at tenablesecurity.com
