Ravens PHP Scripts

Gallery Arbitrary File Upload Vulnerability
Date: Tuesday, January 25, 2011 @ 01:32:58 PST
Topic: Security


SECUNIA ADVISORY ID: SA43028

VERIFY ADVISORY: http://secunia.com/advisories/43028/

RELEASE DATE: 2011-01-25

CRITICALITY: Moderately Critical

DESCRIPTION: A vulnerability has been reported in Gallery, which can be exploited by malicious users to compromise a vulnerable system.


The vulnerability is caused due to the application incorrectly validating the extension of an uploaded file. This can be exploited to e.g. upload and execute arbitrary PHP files. Successful exploitation requires upload privileges. The vulnerability is reported in versions prior to 3.0.1.

SOLUTION: Update to version 3.0.1 or apply vendor supplied patches.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Kriss Andsten.

ORIGINAL ADVISORY: Gallery: http://gallery.menalto.com/gallery_3.0.1_released




This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3885