ID COPPERMINE_GALLERY_SQL_INJECTION.NASL Type nessus Reporter Tenable Modified 2018-06-13T00:00:00
Description
The remote host is running Coppermine Gallery - a set of PHP scripts
designed to handle galleries of pictures.
This product has a vulnerability which allows a remote attacker to
execute arbitrary SQL queries.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if(description)
{
script_id(11564);
script_bugtraq_id(7471);
script_version ("1.17");
script_name(english:"Coppermine Photo Gallery displayimage.php SQL Injection");
script_summary(english:"Does a version check");
script_set_attribute(attribute:"synopsis",value:
"A web application running on the remote web server has a SQL
injection vulnerability." );
script_set_attribute(attribute:"description", value:
"The remote host is running Coppermine Gallery - a set of PHP scripts
designed to handle galleries of pictures.
This product has a vulnerability which allows a remote attacker to
execute arbitrary SQL queries." );
script_set_attribute(
attribute:"solution",
value:"Upgrade to Coppermine 1.1 beta 3 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:U/RC:ND");
script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2003/05/04");
script_cvs_date("Date: 2018/06/13 18:56:26");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.");
script_dependencie("coppermine_gallery_detect.nasl");
script_require_ports("Services/www", 80);
exit(0);
}
#
# The script code starts here
#
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
port = get_http_port(default:80);
kb = get_kb_list("www/" + port + "/coppermine_photo_gallery");
if ( isnull(kb) ) exit(0);
foreach k ( kb )
{
version = split(k, sep:" under ", keep:0);
if ( ereg(pattern:"^v?(0\.|1\.(0\.|1 (devel|Beta [12]([^0-9]|$))))", string:version[0], icase:TRUE) )
{
security_hole(port);
set_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);
exit(0);
}
}
{"id": "COPPERMINE_GALLERY_SQL_INJECTION.NASL", "bulletinFamily": "scanner", "title": "Coppermine Photo Gallery displayimage.php SQL Injection", "description": "The remote host is running Coppermine Gallery - a set of PHP scripts\ndesigned to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to\nexecute arbitrary SQL queries.", "published": "2003-05-04T00:00:00", "modified": "2018-06-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=11564", "reporter": "Tenable", "references": [], "cvelist": [], "type": "nessus", "lastseen": "2019-01-16T20:05:20", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to execute arbitrary SQL queries.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "cd6b1cfe39d09f8272400e0bead15dec3d523fcf5e1ffd3df707b3239c88d5fe", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "5299677d29a0b2004584ce465e834b3e", "key": "modified"}, {"hash": "67a365a363e759793d84a4868d22bb56", "key": "pluginID"}, {"hash": "c996be425f12469db9f5104cd75d77a9", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "e71a6bbdf2d5c051234b751ff923b37a", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7ff2e198fcb0ff349726cf876346c336", "key": "href"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "5cc9018d226be42de57b8edce515f407", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "574fd25e2002666eef3a0014c4563947", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11564", "id": "COPPERMINE_GALLERY_SQL_INJECTION.NASL", "lastseen": "2018-06-14T07:00:11", "modified": "2018-06-13T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.3", "pluginID": "11564", "published": "2003-05-04T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(11564);\n script_bugtraq_id(7471);\n script_version (\"1.17\");\n\n script_name(english:\"Coppermine Photo Gallery displayimage.php SQL Injection\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"A web application running on the remote web server has a SQL\ninjection vulnerability.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Coppermine Gallery - a set of PHP scripts\ndesigned to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to\nexecute arbitrary SQL queries.\" );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Coppermine 1.1 beta 3 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2003/05/04\");\n script_cvs_date(\"Date: 2018/06/13 18:56:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n \n script_copyright(english:\"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.\");\n \n script_dependencie(\"coppermine_gallery_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\nkb = get_kb_list(\"www/\" + port + \"/coppermine_photo_gallery\");\nif ( isnull(kb) ) exit(0);\n\nforeach k ( kb )\n{\n version = split(k, sep:\" under \", keep:0);\n if ( ereg(pattern:\"^v?(0\\.|1\\.(0\\.|1 (devel|Beta [12]([^0-9]|$))))\", string:version[0], icase:TRUE) )\n \t{\n\tsecurity_hole(port);\n\tset_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);\n\texit(0);\n\t}\n}\n\n", "title": "Coppermine Photo Gallery displayimage.php SQL Injection", "type": "nessus", "viewCount": 4}, "differentElements": ["description"], "edition": 2, "lastseen": "2018-06-14T07:00:11"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": [], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to execute arbitrary SQL queries.", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "436c028ffdf0e7cb116c7761710e7aa7c084995b4e5147a1441bcbff95976f44", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6a3cb9b7c719fc4b4900487ce83048d0", "key": "modified"}, {"hash": "67a365a363e759793d84a4868d22bb56", "key": "pluginID"}, {"hash": "c996be425f12469db9f5104cd75d77a9", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "e71a6bbdf2d5c051234b751ff923b37a", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "7ff2e198fcb0ff349726cf876346c336", "key": "href"}, {"hash": "07948b8ff59e8dda0b01012f70f00327", "key": "naslFamily"}, {"hash": "eee5c03758d34224edf01459f8ede29d", "key": "sourceData"}, {"hash": "5cc9018d226be42de57b8edce515f407", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=11564", "id": "COPPERMINE_GALLERY_SQL_INJECTION.NASL", "lastseen": "2016-09-26T17:23:10", "modified": "2011-03-17T00:00:00", "naslFamily": "CGI abuses", "objectVersion": "1.2", "pluginID": "11564", "published": "2003-05-04T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(11564);\n script_bugtraq_id(7471);\n script_osvdb_id(50625);\n script_version (\"$Revision: 1.16 $\");\n\n script_name(english:\"Coppermine Photo Gallery displayimage.php SQL Injection\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"A web application running on the remote web server has a SQL\ninjection vulnerability.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Coppermine Gallery - a set of PHP scripts\ndesigned to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to\nexecute arbitrary SQL queries.\" );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Coppermine 1.1 beta 3 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2003/05/04\");\n script_cvs_date(\"$Date: 2011/03/17 01:57:37 $\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n \n script_copyright(english:\"This script is Copyright (C) 2003-2011 Tenable Network Security, Inc.\");\n \n script_dependencie(\"coppermine_gallery_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\nkb = get_kb_list(\"www/\" + port + \"/coppermine_photo_gallery\");\nif ( isnull(kb) ) exit(0);\n\nforeach k ( kb )\n{\n version = split(k, sep:\" under \", keep:0);\n if ( ereg(pattern:\"^v?(0\\.|1\\.(0\\.|1 (devel|Beta [12]([^0-9]|$))))\", string:version[0], icase:TRUE) )\n \t{\n\tsecurity_hole(port);\n\tset_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);\n\texit(0);\n\t}\n}\n\n", "title": "Coppermine Photo Gallery displayimage.php SQL Injection", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:10"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "f1b3d4f0c1f5b91b0a24eb7829ef93a4"}, {"key": "href", "hash": "7ff2e198fcb0ff349726cf876346c336"}, {"key": "modified", "hash": "5299677d29a0b2004584ce465e834b3e"}, {"key": "naslFamily", "hash": "07948b8ff59e8dda0b01012f70f00327"}, {"key": "pluginID", "hash": "67a365a363e759793d84a4868d22bb56"}, {"key": "published", "hash": "c996be425f12469db9f5104cd75d77a9"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "574fd25e2002666eef3a0014c4563947"}, {"key": "title", "hash": "5cc9018d226be42de57b8edce515f407"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "0341e5a30871ece9976bea93c53e44a13d69bf4afff20b1bc05ed866647d1710", "viewCount": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2019-01-16T20:05:20"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(11564);\n script_bugtraq_id(7471);\n script_version (\"1.17\");\n\n script_name(english:\"Coppermine Photo Gallery displayimage.php SQL Injection\");\n script_summary(english:\"Does a version check\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"A web application running on the remote web server has a SQL\ninjection vulnerability.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Coppermine Gallery - a set of PHP scripts\ndesigned to handle galleries of pictures.\n\nThis product has a vulnerability which allows a remote attacker to\nexecute arbitrary SQL queries.\" );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Coppermine 1.1 beta 3 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2003/05/04\");\n script_cvs_date(\"Date: 2018/06/13 18:56:26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n \n script_copyright(english:\"This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.\");\n \n script_dependencie(\"coppermine_gallery_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:80);\n\nkb = get_kb_list(\"www/\" + port + \"/coppermine_photo_gallery\");\nif ( isnull(kb) ) exit(0);\n\nforeach k ( kb )\n{\n version = split(k, sep:\" under \", keep:0);\n if ( ereg(pattern:\"^v?(0\\.|1\\.(0\\.|1 (devel|Beta [12]([^0-9]|$))))\", string:version[0], icase:TRUE) )\n \t{\n\tsecurity_hole(port);\n\tset_kb_item(name: 'www/'+port+'/SQLInjection', value: TRUE);\n\texit(0);\n\t}\n}\n\n", "naslFamily": "CGI abuses", "pluginID": "11564", "cpe": []}
