Contribute  :  Support  :  Downloads  :  Forum  :  Links  :  Polls  :  Calendar  :  Directory  :  Advanced Search  
Geeklog The Ultimate Weblog System

advanced search 

Resources

Getting started
Support
Development

Sections

Home
Geeklog (190)
Geeklog 2 (28)
Announcements (201)
Summer of Code (8)
Security (55)
Plugins (50)
Server (26)
Spam (10)

User Functions

:

:

Don't have an account yet? Sign up as a New User
Lost your password?

What's New

STORIES

No new stories

COMMENTS last 2 days

No new comments

TRACKBACKS last 2 days

No new trackback comments

NEW FILES last 14 days


LINKS last 2 weeks

No recent new links

Older Stories

Monday 17-Mar


Tuesday 08-Jan


Saturday 29-Dec


Tuesday 04-Dec


Sunday 04-Nov
Welcome to Geeklog
Friday, May 16 2008 @ 04:28 AM EDT
   

Security Vulnerability in Media Gallery v1.4x

Tuesday, May 15 2007 @ 09:53 AM EDT
Contributed by: mevans
Views: 2,751
SecurityA security vulnerability has been identified in Media Gallery affecting all of the v1.4 releases. This vulnerability could allow properly crafted URLs to load files onto your web server and potentially overwrite existing files. Media Gallery v1.4.8b has been released to address this vulnerability and should be upgraded immediately! My thanks to Max for reporting this issue this morning and providing the relevant site logs to validate the vulnerability.

If you do not want to upgrade to the latest version of Media Gallery, you should apply the following patch:

Edit mediagallery/maint/ftpmedia.php

Near the top, immediately before the following line:

require_once($_MG_CONF['path_html'] . 'lib-batch.php');

Add the following code:

// this file can't be used on its own
if (strpos ($_SERVER['PHP_SELF'], 'ftpmedia.php') !== false)
{
    die ('This file can not be used on its own.');
}

Save ftpmedia.php. This should resolve the issue.

For more information on other enhancements and fixes to Media Gallery v1.4.8b, please see www.gllabs.org.

Thanks!
Mark

 

What's Related

Story Options

Trackback

Trackback URL for this entry: http://www.geeklog.net/trackback.php/20070515095353878

No trackback comments for this entry.
Security Vulnerability in Media Gallery v1.4x | 4 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Security Vulnerability in Media Gallery v1.4x
Authored by: amckay on Thursday, June 14 2007 @ 11:18 AM EDT
One of my sites just got hacked using the cmdx.php program inside the "maint" directory.

Simply FYI.

I can send you apache logs if interested. Contact me in email : alan(dot)mckay(thatfunnysign)gmail(dotheretoo)com
Security Vulnerability in Media Gallery v1.4x
Authored by: amckay on Thursday, June 14 2007 @ 01:23 PM EDT
aha, in closer examination of the logs I see that 'cmdx.php' is something the hacker installed by means of your FTP program. Scary stuff. This cmdx.php thing has allowed him to execute all sorts of commands on my server. Full directory listings. Deleting files, etc.
Security Vulnerability in Media Gallery v1.4x
Authored by: mevans on Thursday, June 14 2007 @ 04:09 PM EDT
Just to confirm, this was caused by the original vulnerability in the ftpmedia.php file, not a new issue?

---
gl Labs - extending Geeklog through plugins - www.gllabs.org
Security Vulnerability in Media Gallery v1.4x
Authored by: richardpitt on Monday, October 22 2007 @ 09:23 PM EDT
One of my sites - with MG 1.5.0 got hacked on Oct 10, 2007 at about 10PM Eastern.

In my logs I have record of attempts for the previous version back in May 2007 and this one looks similar - they added a link to a bogus firefox download to the footer.thtml file in my geeklog

© 2002-2008 Geeklog
Created this page in 0.38 seconds		 Powered By Geeklog 1.4.1 
Hosted by pair.com