Gallery Remote Arbitrary Code Execution

2001-10-02T00:00:00
ID OSVDB:1967
Type osvdb
Reporter OSVDB
Modified 2001-10-02T00:00:00

Description

Vulnerability Description

Gallery 1.2 contains a flaw that may allow a malicious user to include, and thereby execute, arbitrary remote PHP files. The issue is triggered when a malicious user calls an include script and passes in an 'includedir' variable, which the script uses as the path prefix for the files it includes. The flaw may allow the execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
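The pattern the description refers to is a PHP include whose directory prefix comes from request input. The following is an added illustrative example, not code from Gallery or from the original advisory: the function names, the 'init.php' file name and the allowlist of directory names are assumptions chosen for the example, and the vulnerable form is shown only so the hardened form beside it is concrete.

```php
<?php
// Added illustration (not Gallery's source). Names are placeholders:
// vulnerable_bootstrap(), hardened_bootstrap(), init.php, ALLOWED_INCLUDE_DIRS.

// Vulnerable pattern of the register_globals era: a request variable named
// 'includedir' lands in $includedir and is used unchanged as the include
// prefix. Because PHP's include() accepts URLs when allow_url_fopen (and, on
// PHP >= 5.2, allow_url_include) is on, a remote prefix fetches remote PHP.
function vulnerable_bootstrap(array $request): string
{
    $includedir = $request['includedir'] ?? '.';   // attacker-controlled
    return $includedir . '/init.php';              // would be handed to include()
}

// Hardened form: request input selects a name from a fixed allowlist and the
// actual path is built from a constant base directory, so no request value can
// introduce a URL, a '..' segment or an absolute path into the include.
const ALLOWED_INCLUDE_DIRS = ['default', 'classic'];   // assumed names

function hardened_bootstrap(array $request): string
{
    $name = $request['includedir'] ?? 'default';
    if (!in_array($name, ALLOWED_INCLUDE_DIRS, true)) {
        // Fail closed: unknown values fall back to the default, never to the input.
        $name = 'default';
    }
    return __DIR__ . '/includes/' . $name . '/init.php';
}

// Constructed request of the kind the advisory describes: 'includedir' set to
// a remote location (placeholder host).
$request = ['includedir' => 'http://attacker.invalid/'];

// The vulnerable function returns a remote prefix; the hardened one returns a
// local, allowlisted path regardless of the input.
echo vulnerable_bootstrap($request), "\n";
echo hardened_bootstrap($request), "\n";
```

Independently of the code fix, the same class of bug is contained at the interpreter level by setting `register_globals = Off` (request variables stop becoming globals) and `allow_url_include = Off` (or `allow_url_fopen = Off` on PHP older than 5.2) in php.ini, and it is visible in web server logs as requests whose `includedir` parameter carries a `http://` or `ftp://` value.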

Solution Description

Upgrade to version 1.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://gallery.menalto.com/
ISS X-Force ID: 7215
Generic Exploit URL: http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
CVE: CVE-2001-1234
CERT VU: 847803
Bugtraq ID: 3397