Re: [MajorSecurity #18] Ralf Image Gallery <=0.7.4 - Multiple XSS, Remote File Include and directory traversal vulnerabilities Jun 27 2006 06:52PM
Ralf (ralfoide gmail com)
This is a follow-up to the security vulnerability described in:

As author and maintainer of RIG (a.k.a. the Ralf Image Gallery), I
made a fix available upstream yesterday:

I strongly recommend you grab version 1.0 on Sourceforge or stop using
RIG versions 0.6.5-0.7.5 at once. The choice is yours.

Summary of the fix: an exit statement was missing in the entry
point validation. I also added a check to enforce that PHP's
register_globals is turned off.

More details available here:

I'd usually thank Aesthetico for finding this vulnerability. However,
given how this was handled I will refrain. I apologize for the long
delay in providing this fix, mostly due to having to take my server
offline after it had been compromised as a direct consequence of the
vulnerability being exposed without prior notification (email logs
don't lie, despite whatever claim has been made.)
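The two parts of the fix described above (an entry-point guard that actually terminates, and a register_globals check), as an added PHP illustration of the pattern; this is not RIG's own code, and the file names, constant name and messages are hypothetical:

```php
<?php
// Added illustration of the two fixes described in the post; not RIG's code.
// File names (index.php, lib/gallery.php) and RIG_ENTRY_OK are hypothetical.

// ===== index.php: a legitimate entry point =====
define('RIG_ENTRY_OK', true);

// Refuse to run while register_globals is enabled: with it on, every request
// parameter becomes a PHP variable of the same name, so variables a script
// never initialised can be supplied by the client. (The directive was removed
// in PHP 5.4; there ini_get() returns false and this check simply passes.)
if (ini_get('register_globals')) {
    header('HTTP/1.1 500 Internal Server Error');
    exit('RIG requires register_globals = Off in php.ini.');
}

require_once __DIR__ . '/lib/gallery.php';
// ... normal request handling follows ...

// ===== lib/gallery.php: library code, never a valid entry point =====
// A guard that only reports the problem lets execution continue. The fix is
// that the guard must terminate the script: without exit(), everything below
// still runs when this file is requested directly instead of via index.php.
if (!defined('RIG_ENTRY_OK')) {
    header('HTTP/1.1 403 Forbidden');
    exit('Direct access to this file is not allowed.');
}
// ... rest of the library follows ...
```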

Copyright 2010, SecurityFocus