[geeklog-users] Geeklog/Gallery Vulnerbility Fix
Tony Bibbs
tony at tonybibbs.com
Thu Dec 11 09:25:47 EST 2003
Blah, don't apologize. Most of us love the integration you have
provided with Gallery and we are glad you are providing a quick fix.
Vincent Furia wrote:
> All that is required to correct this vulnerbility is to remove the line:
>
> require_once($GEEKLOG_DIR . '/lib-common.php');
>
>>From the files User.php and UserDB.php in the gallery\classes\geeklog
> folder.
>
> The other locations where $GEEKLOG_DIR is found are preceded by an
> "include('config.php');" which eliminates the security risk in those
> areas. (This is because the $GEEKLOG_DIR variable is assigned a value in
> the config.php file overriding any value passed by GET or POST). It might
> not be a bad idea to check to be sure that $GEEKLOG_DIR is in the
> config.php file (though the integration will not work without its
> presence).
>
> I'll put together an update which addresses these problems as soon as I
> can (perhaps as soon as this weekend). By early next year I'll try to
> complete a security audit of the geeklog/gallery integration code to try
> to eliminate all security problems.
>
> I appologize to those affected by this problem and I hope that not many
> machines were compromised as result of this problem. I don't know how
> long this vulerbility has been in the code, but it has been there for more
> than a year (since before I began to work on the integration).
>
> -Vinny
> _______________________________________________
> geeklog-users mailing list
> geeklog-users at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-users
More information about the geeklog-users
mailing list