Exploit 1.4.19? Exploit 1.4.19?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Exploit 1.4.19?

Started by mahdi1234, January 29, 2009, 08:13:34 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

mahdi1234

January 29, 2009, 08:13:34 PM
How about this one, do dev know it?

http://www.milw0rm.com/exploits/7909

Joachim Müller

#1
January 29, 2009, 08:50:56 PM
Thanks for letting us know - that's a brand-new one. We'll look into this and come up with a resolution as soon as possible.

Abbas Ali

#2
January 30, 2009, 06:38:37 AM
I can confirm this exploit. Working for a fix.

The patch given by the reporter unsets all variables which were registered because of register_globals on. I think this is the correct way.
Chief Geek at Ranium Systems

Joachim Müller

#3
February 04, 2009, 11:33:52 AM
cpg1.4.20 has just been released, which takes care of the exploit. See corresponding announcement thread cpg1.4.20 Security release - upgrade mandatory!
Print
Go Up Pages1
User actions