Advanced search  

News:

cpg1.5.46 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter recently discovered vulnerabilities. It is important that all users who run version cpg1.5.44 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: small security problems  (Read 4118 times)

0 Members and 1 Guest are viewing this topic.

Andi

  • VIP
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
  • Join the Future
    • www.pragmamx.org
small security problems
« on: October 23, 2004, 07:07:02 pm »

Hi dev-Team :)

the following files can be called directly and displays some error messages (full path disclosure):

include/search.inc.php,v 1.9 2004/09/30 22:30:38 nibbler999
include/plugin_api.inc.php,v 1.10 2004/09/04 00:40:22 kegobeer
include/picmgmt.inc.php,v 1.26 2004/10/22 09:36:39 caspershadow
include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau
include/media.functions.inc.php,v 1.8 2004/09/25 19:09:44 caspershadow
include/langfallback.inc.php,v 1.8 2004/10/05 11:54:01 adityamooley
include/logger.inc.php,v 1.11 2004/08/08 09:57:13 gaugau
plugins/sef_urls/codebase.php,v 1.3 2004/08/08 20:48:47 oddeveloper
plugins/sef_urls/codebase.php,v 1.4 2004/08/08 10:06:56 gaugau

The same is in all language files.

With some only, if error_reporting is switched on  ;)


Maybe it's a good idea to put this line:
if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');
in top of file


Additionaly, but i'm not shure....

In file include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau there are this 2 lines in top of file:
Code: [Select]
define('IN_COPPERMINE', true);
define('SEARCH_PHP', true);
Is this correct?
« Last Edit: October 24, 2004, 02:53:10 pm by GauGau »
Logged
hope, I could help you... :)

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: small security problems
« Reply #1 on: October 24, 2004, 02:52:50 pm »

the following files can be called directly and displays some error messages (full path disclosure):

include/search.inc.php,v 1.9 2004/09/30 22:30:38 nibbler999
include/plugin_api.inc.php,v 1.10 2004/09/04 00:40:22 kegobeer
include/picmgmt.inc.php,v 1.26 2004/10/22 09:36:39 caspershadow
include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau
include/media.functions.inc.php,v 1.8 2004/09/25 19:09:44 caspershadow
include/langfallback.inc.php,v 1.8 2004/10/05 11:54:01 adityamooley
include/logger.inc.php,v 1.11 2004/08/08 09:57:13 gaugau
plugins/sef_urls/codebase.php,v 1.3 2004/08/08 20:48:47 oddeveloper
plugins/sef_urls/codebase.php,v 1.4 2004/08/08 10:06:56 gaugau

The same is in all language files.

With some only, if error_reporting is switched on  ;)


Maybe it's a good idea to put this line:
if (!defined('IN_COPPERMINE')) die('Not in Coppermine...');
in top of file
Although there's little threat potential if an attacker tries to directly browse those files I added the line as you suggested.

Additionaly, but i'm not shure....

In file include/keyword.inc.php,v 1.2 2004/08/13 04:27:20 gaugau there are this 2 lines in top of file:
Code: [Select]
define('IN_COPPERMINE', true);
define('SEARCH_PHP', true);
Is this correct?
Yes, this is correct: the definition just says what var inside the language file to use - to keep things simpler and avoid redundancy, I used the lang vars from search.php.

Joachim
Logged

Andi

  • VIP
  • Coppermine regular visitor
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 85
  • Join the Future
    • www.pragmamx.org
Re: small security problems
« Reply #2 on: October 24, 2004, 04:27:41 pm »

Hi Joachim :)
I believe that was a misunderstanding.
With the constant SEARCH_PHP i was irritated and not sure.
But is not correct with the constant IN_COPPERMINE somewhat.

Iin the new file version (keyword.inc.php,v 1.3 2004/10/24 12:49:42 gaugau)  are this 2 lines:

line #19 : define('IN_COPPERMINE', true);

line #22 : if (!defined('IN_COPPERMINE')) { die('Not in Coppermine...');}

 ;) oh god my english...., sorry  :)
Logged
hope, I could help you... :)

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: small security problems
« Reply #3 on: October 25, 2004, 08:21:25 am »

you're right, that's a contradiction in terms. Both definitions are useless, I dropped them from the code.

Joachim
Logged
Pages: [1]   Go Up
 

Page created in 0.015 seconds with 20 queries.