The remote host is running the Gallery web-based photo album.
There is a flaw in this version which makes it vulnerable to
a cross site scripting attack which may allow an attacker
to steal the cookies from the legitimate users of this system.
Solution : Upgrade to Gallery 1.3.4p1 or newer
Risk factor : Low
BugTraq ID: 8288|
Common Vulnerability Exposure (CVE) ID: CVE-2003-0614
Bugtraq: 20030727 Gallery XSS security advisory (with fix and patch instructions) (Google Search)
Bugtraq: 20030902 GLSA: gallery (200309-06) (Google Search)
Bugtraq: 20040101 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity (Google Search)
Debian Security Information: DSA-355 (Google Search)
|Copyright||This script is Copyright (C) 2003 Tenable Network Security|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.