| VID |
21847 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Coppermine Gallery is vulnerable to multiple file include vulnerabilities which exist in versions 1.4.3 and earlier. Coppermine Photo Gallery, developed by Gregory Demar, is a freely available PHP-based image gallery script that uses a MySQL backend database. Coppermine Photo Gallery versions 1.4.3 and earlier could allow a remote attacker to include malicious PHP files, caused by improper validation of user-supplied input passed to the f parameter of the docs/showdoc.php script and the lang parameter of the include/init.inc.php script. A remote attacker could exploit these vulnerabilities to execute arbitrary PHP script code and system commands in the security context of the Web server process.
* References:
http://retrogod.altervista.org/cpg_143_adv.html
http://www.securityfocus.com/archive/1/425387/30/0/threaded
http://coppermine-gallery.net/forum/index.php?topic=28062.0
http://secunia.com/advisories/18941/
* Platforms Affected:
Gregory Demar, Coppermine Photo Gallery versions 1.4.3 and earlier
Any operating system Any version |
| Recommendation |
Patch the affected scripts, as listed in the Coppermine Photo Gallery Web site at http://coppermine-gallery.net/forum/index.php?topic=28062.0
-- OR --
Upgrade to the latest version of Coppermine Photo Gallery (1.4.4 or later), available from the Coppermine Photo Gallery Web site at http://coppermine.sourceforge.net |
| Related URL |
CVE-2006-0872,CVE-2006-0873 (CVE) |
| Related URL |
16718 (SecurityFocus) |
| Related URL |
24814,24816 (ISS) |
|
