FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

coppermine -- File Inclusion Vulnerabilities

Affected packages
coppermine < 1.4.4

Details

VuXML ID 77cceaef-e9a4-11da-b9f4-00123ffe8333
Discovery 2006-02-20
Entry 2006-05-22

Secunia reports:

Coppermine Photo Gallery has a vulnerability, which can be exploited by malicious people and by malicious users to compromise a vulnerable system.

1) Input passed to the "lang" parameter in include/init.inc.php isn't properly verified before it is used to include files. This can be exploited to include arbitrary files from local resources. The vulnerability can be further exploited by users who are allowed to upload image files to execute arbitrary PHP code.

2) Input passed to the "f" parameter in docs/showdoc.php isn't properly verified before it is used to include files. This can be exploited to include arbitrary files from local resources on the Windows platform, and remote files from Windows shared folders.
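
Added example (not part of the Secunia text and not Coppermine's code): one way to verify a file-selecting parameter such as "lang" before it reaches include, by mapping it onto an allowlist built from the files on disk. The function name `resolve_lang_file`, the directory layout and the `english` default are assumptions made for illustration; the same check applies to any request parameter that names a file to include.

```php
<?php
// Added illustration, not Coppermine source. Directory layout and names are assumptions.
// Vulnerable pattern the advisory describes (request input reaches include unverified):
//   include 'lang/' . $_GET['lang'] . '.php';

// Map a requested language name to a file in $langDir, falling back to $default.
function resolve_lang_file(string $langDir, $requested, string $default = 'english'): string
{
    $base = realpath($langDir);
    if ($base === false) {
        throw new RuntimeException('language directory missing');
    }
    // Allowlist built from the files actually shipped, never from the request.
    $allowed = [];
    foreach (glob($base . DIRECTORY_SEPARATOR . '*.php') ?: [] as $file) {
        $allowed[basename($file, '.php')] = $file;
    }
    if (!isset($allowed[$default])) {
        throw new RuntimeException('default language file missing');
    }
    // Arrays (lang[]=x), path separators, NUL bytes, share paths and unknown
    // names all fail the same way: they are not keys of the allowlist.
    if (!is_string($requested) || !preg_match('/\A[a-z0-9_-]{1,32}\z/', $requested)
        || !isset($allowed[$requested])) {
        return $allowed[$default];
    }
    // Defence in depth: a symlink inside the directory must not point outside it.
    $real = realpath($allowed[$requested]);
    if ($real === false || dirname($real) !== $base) {
        return $allowed[$default];
    }
    return $real;
}

// Self-check against a constructed temporary directory and constructed inputs.
$dir = sys_get_temp_dir() . '/lang_demo_' . getmypid();
mkdir($dir);
file_put_contents("$dir/english.php", "<?php // constructed\n");
file_put_contents("$dir/german.php", "<?php // constructed\n");
$inputs = ['german', '../../etc/passwd', "german\0.jpg", '\\\\host\\share\\x', ['a']];
foreach ($inputs as $input) {
    echo json_encode($input), ' => ', basename(resolve_lang_file($dir, $input)), "\n";
}
array_map('unlink', glob("$dir/*.php"));
rmdir($dir);
```

Only the first constructed input resolves to `german.php`; every other one falls back to `english.php`, so the value passed to include is always one of the files enumerated from the language directory.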

References

CVE Name CVE-2006-0872
CVE Name CVE-2006-0873
URL http://retrogod.altervista.org/cpg_143_adv.html
URL http://secunia.com/advisories/18941/