|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[sec-adv] Gallery Arbitrary File Inclusion Vulnerability
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Oct 13 2003 - 05:35:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Gallery Arbitrary File Inclusion Vulnerability
SECUNIA ADVISORY ID:
SA9998
VERIFY ADVISORY:
http://www.secunia.com/advisories/9998/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Gallery 1.x
DESCRIPTION:
A vulnerability has been reported in Gallery allowing malicious
people to include arbitrary files.
The problem is that "setup/index.php" doesn't verify the
"GALLERY_BASEDIR" parameter properly allowing malicious people to
supply arbitrary paths to local and remote resources.
The vulnerability only affects Gallery 1.4 and later in setup mode.
SOLUTION:
Update to version 1.4-pl2:
http://sourceforge.net/project/showfiles.php?group_id=7130&release_id=184028
In production mode the "setup" directory isn't accesible.
REPORTED BY / CREDITS:
pcs, rootquest
OTHER REFERENCES:
http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=93&mode=thread&order=0&thold=0
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]