Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: [bug] Remote include file ....  (Read 6511 times)

0 Members and 1 Guest are viewing this topic.

tuxsoul

  • Contributor
  • Coppermine newbie
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 17
    • blog
[bug] Remote include file ....
« on: March 09, 2007, 07:32:39 pm »

Hi,  i see in securityfocus a new report of bug, can developer's check please  :)

http://www.securityfocus.com/archive/1/462322/30/0/threaded
« Last Edit: April 01, 2007, 02:47:59 pm by GauGau »
Logged
¿do you like my comment?, gift me one bitcoin: 1266FWznbEW1uLNPsLU9ATBxGuM1U19thB
bitcoin pay forward project: 15pjRCNT2CpzVo7HQ6b6r4q18Vv4Da7y9K

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: [bug] Remote include file ....
« Reply #1 on: March 09, 2007, 08:27:27 pm »

Valid report, moving to bugs section. Needs looking into, please stay tuned for the fix.
Logged

Nibbler

  • Guest
Re: [bug] Remote include file ....
« Reply #2 on: March 09, 2007, 09:10:38 pm »

There are no vulnerabilities here, seems to be the result of an automated code scanner.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: [bug] Remote include file ....
« Reply #3 on: March 10, 2007, 12:35:17 pm »

Imo there are vulnerabilities on certain, unsecure server-setups, with the vars in the URL not being defined within the script under all circumstances. Best practise is to define all vars used, particularly those that are being used as a path or the ones sent to the shell using exec.
The fixes for the vulnerabilities are easy: just add
Code: [Select]
$cmd = '';and similar to the top of the pages that are being mentioned.
Imo this should be fixed, and yes, they even justify a maintenance release imo.
Logged

Nibbler

  • Guest
Re: [bug] Remote include file ....
« Reply #4 on: March 10, 2007, 01:26:21 pm »

Well that is what they scanned for, but I didn't find any cases which were actually exploitable. They were contained within functions so no injected variables would be in scope. I agree they should be fixed but I don't think it warrants a release unless the flaws can actually be abused. Maybe I missed something.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: [bug] Remote include file ....
« Reply #5 on: March 11, 2007, 11:06:57 am »

Yes, they reside within functions, you're right.
Logged
Pages: [1]   Go Up
 

Page created in 0.015 seconds with 19 queries.