TITLE: Coppermine Photo Gallery Multiple File Extensions Vulnerability
SECUNIA ADVISORY ID: SA20211
VERIFY ADVISORY: http://secunia.com/advisories/20211/
CRITICAL: Moderately critical
IMPACT: System access
WHERE: >From remote
SOFTWARE: Coppermine Photo Gallery 1.x
http://secunia.com/product/1427/
DESCRIPTION:
A vulnerability has been reported in Coppermine Photo Gallery, which can be exploited by malicious users to compromise a vulnerable system.
The vulnerability is caused due to an error in the handling of file uploads where a filename has multiple file extensions. This can be exploited to upload malicious script files inside the web root (e.g. a PHP script).
Successful exploitation may allow execution of script code depending on the HTTP server configuration (it requires e.g. an Apache server with the "mod_mime" module installed).
The vulnerability has been reported in version 1.4.5. Prior versions may also be affected.
SOLUTION: Update to version 1.4.6.
http://sourceforge.net/project/showfiles.php?group_id=89658
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
Related
Re: Coppermine Photo Gallery Multiple File Extensions Vulnerability (Score: 1) |  | Well this definately rules out the use of 1.3.1c *LOL* I sure am glad I bit the bullet and began using Gallery2 |
| Re: Coppermine Photo Gallery Multiple File Extensions Vulnerability (Score: 1) by pcnuke on Sunday, May 28, 2006 @ 15:12:47 CDT (User Info | Send a Message) | |
From reviewing the coding inside of v1.3.1c file: modules/coppermine/db_input.php The admin sets all allowed extensions inside of the coppermine/config sections, so this Security problem would not apply to this version pcn |
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
