Text only | Text with Images

coppermine-gallery.com/forum

No Support => General discussion (no support!) => Topic started by: François Keller on October 28, 2006, 08:18:00 AM

Title: security issue in 1.4.9?
Post by: François Keller on October 28, 2006, 08:18:00 AM
Hi,

This link was post on french board:
http://www.milw0rm.com/exploits/2660 (http://www.milw0rm.com/exploits/2660)
Is this a real security problem on Coppermine 1.4.9 ?
Title: Re: security issue in 1.4.9?
Post by: Aditya Mooley on October 28, 2006, 09:59:48 AM
Yes, it is an exploit.

Till the time we release a new security update, users can manually fix this as follows:

Open picmgr.php
Somewhere near line 353
find:
Code Select

$aid = isset($_GET['aid']) ? ($_GET['aid']) : 0;


replace with
Code Select

$aid = isset($_GET['aid']) ? (int)($_GET['aid']) : 0;
Title: Re: security issue in 1.4.9?
Post by: François Keller on October 28, 2006, 10:13:25 AM
Ok thank's for replay, i'll post your fix in the french board
Title: Re: security issue in 1.4.9?
Post by: Joachim Müller on October 30, 2006, 01:06:49 AM
cpg1.4.10 has been released to address the issue - see announcement thread (http://forum.coppermine-gallery.net/index.php?topic=37895.0).
Text only | Text with Images