News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

[bug] File Inclusion and Command Execution (SA24019)

Started by xerofun, March 30, 2007, 09:31:01 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

xerofun

March 30, 2007, 09:31:01 PM Last Edit: April 01, 2007, 02:49:18 PM by GauGau
Didn't find this one in the bugs board and by searching throught the board. So if there's already a solution posted, sorry for the double post.

Checkout:
http://secunia.com/advisories/24019/

1) I fixed this by commenting out the "include($path)" in function cpg_get_custom_include in include/functions.inc.php because I'm sure I will never make use of this function. Definit solution might be to only allow to include files within the cpg installation directory or maybe even only within the themes directory? This concludes that the permissions of the cpg installation directory needs to be set correctly, so that no local user can put any files into any of the directories.

2) Fixed this by replacing every ; with \; in $CONFIG['im_options'] everytime it is used in include/imageObjectIM.class.php and
include/picmgmt.inc.php (see attached patch).

Hope this helps.

In case there's already a fix, sorry. Just remove the posting. ;)

Nibbler

#1
March 30, 2007, 09:48:16 PM
This has already been discussed. It's a non-issue. Only give admin rights to people you trust.
Print
Go Up Pages1
User actions