forum.coppermine-gallery.net

No Support => General discussion (no support!) => Topic started by: François Keller on October 28, 2006, 08:18:00 am

Title: security issue in 1.4.9?
Post by: François Keller on October 28, 2006, 08:18:00 am
Hi,

This link was posted on the French board:
http://www.milw0rm.com/exploits/2660
Is this a real security problem in Coppermine 1.4.9?
Title: Re: security issue in 1.4.9?
Post by: Aditya Mooley on October 28, 2006, 09:59:48 am
Yes, it is an exploit.

Till the time we release a new security update, users can manually fix this as follows:

Open picmgr.php
Somewhere near line 353
find:
Code:
$aid = isset($_GET['aid']) ? ($_GET['aid']) : 0;

replace with
Code:
$aid = isset($_GET['aid']) ? (int)($_GET['aid']) : 0;
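
Added example, not part of the original post or of Coppermine's code: it compares the (int) cast from the fix above with a stricter check that rejects malformed values instead of truncating them. read_int_param() is a hypothetical helper, and the sample inputs are constructed.

```php
<?php
// Added example, not Coppermine code. read_int_param() is a hypothetical helper.

/**
 * Return $source[$key] as a non-negative integer, or $default when the
 * parameter is missing or is not a plain decimal integer.
 */
function read_int_param(array $source, $key, $default = 0)
{
    if (!isset($source[$key]) || is_array($source[$key])) {
        // Missing, or sent as aid[]=... (an array): (int) would turn a
        // non-empty array into 1, so treat it as invalid instead.
        return $default;
    }
    $value = filter_var(
        $source[$key],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0))
    );
    // filter_var() returns false when the string is not an integer in range.
    return ($value === false) ? $default : $value;
}

// Constructed sample inputs standing in for $_GET.
$samples = array(
    array('aid' => '42'),               // well-formed id
    array('aid' => '42 trailing text'), // digits followed by other content
    array('aid' => '-7'),               // negative number
    array('aid' => array('1')),         // parameter sent as an array
    array(),                            // parameter missing
);

foreach ($samples as $get) {
    $cast   = isset($get['aid']) ? (int)($get['aid']) : 0; // the fix from the post
    $strict = read_int_param($get, 'aid');                 // stricter variant
    printf("%-28s cast=%d strict=%d\n", json_encode($get), $cast, $strict);
}
```

Both variants guarantee that $aid is an integer; the strict one additionally falls back to the default when the request carried anything other than a plain non-negative integer.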
Title: Re: security issue in 1.4.9?
Post by: François Keller on October 28, 2006, 10:13:25 am
OK, thanks for the reply, I'll post your fix on the French board.
Title: Re: security issue in 1.4.9?
Post by: Joachim Müller on October 30, 2006, 01:06:49 am
cpg1.4.10 has been released to address the issue - see announcement thread (http://forum.coppermine-gallery.net/index.php?topic=37895.0).