RE: Gallery 1.4 including file vulnerability
From: Brent Meshier (brentmeshier.com)
Date: Sat Oct 11 2003 - 13:41:47 CDT
The URL you mention is accessible only during the setup of Gallery.
Completing the installation, the user runs secure.sh or secure.bat which
"chmod 0 setup" making the vulnerability you mention inaccessible to the
Global Transport Logistics, Inc.
2770 Fortune Circle Drive
Indianapolis, IN 46241
(317) 481-0527 x23 Direct
(317) 481-0177 Fax
From: Peter Stöckli [mailto:pcsrootquest.com]
Sent: Saturday, October 11, 2003 11:13 AM
Subject: Gallery 1.4 including file vulnerability
-Proof of concept-
It is possible to include any php file from a remote host, and execute
it on the target's server.
If the file "http://tester/util.php" exists, it will be included.
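
Added example (not part of either message, and not Gallery's own code): a shell check that the lock-down step described in the reply, "chmod 0 setup", is in effect for one or more installs. It assumes each argument is the top-level directory of a Gallery install; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: verify that Gallery's post-install lock-down was applied.
# Per the reply, secure.sh / secure.bat runs "chmod 0 setup".
# Assumption: each argument is the top-level directory of a Gallery install.

# setup_state DIR -> prints "locked", "exposed" or "absent"
setup_state() {
    s="${1%/}/setup"
    if [ ! -d "$s" ]; then
        echo absent
        return 0
    fi
    # -prune stops find from descending into the directory;
    # -perm 0 matches only when the permission bits are exactly 000.
    # A symlink named "setup" is not -type d here, so it counts as exposed.
    if [ -n "$(find "$s" -prune -type d -perm 0 -print 2>/dev/null)" ]; then
        echo locked
    else
        echo exposed
    fi
}

# audit_gallery DIR... -> one "state<TAB>dir" line per install;
# returns 1 if any install still has a reachable setup directory.
audit_gallery() {
    rc=0
    for g in "$@"; do
        st=$(setup_state "$g")
        printf '%s\t%s\n' "$st" "$g"
        if [ "$st" = exposed ]; then
            rc=1
        fi
    done
    return "$rc"
}

# Run the audit when install directories are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_gallery "$@"
fi
```

The non-zero exit status makes the check usable from cron or a deployment pipeline to flag installs where the setup directory was left open or was reopened later.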