|
Family: CGI abuses --> Category: attack
Gallery < 2.0.3 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for IP spoofing in Gallery
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
multiple flaws.
Description :
The remote host is running Gallery, a web-based photo album
application written in PHP.
The version of Gallery installed on the remote host allows a possible hacker
to spoof his IP address with a bogus 'X_FORWARDED_FOR' HTTP header.
An authenticated attacker can reportedly leverage this flaw to launch
cross-site scripting attacks by adding comments to a photo as well as
other attacks.
In addition, the application reportedly fails to validate a session id
before using it, which can be used to delete arbitrary files on the
remote host subject to the rights of the web server user id.
See also :
http://www.gulftech.org/?node=research&article_id=00106-03022006
http://www.securityfocus.com/archive/1/426655/30/0/threaded
http://gallery.menalto.com/gallery_2.0.3_released
Solution :
Upgrade to Gallery 2.0.3 or later.
Threat Level:
Medium / CVSS Base Score : 4.7
(AV:R/AC:L/Au:NR/C:P/I:P/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|