Gallery Releases Gallery 2.0.4 release / 2.1-RC-2a update
Posted on Saturday, March 11, 2006 @ 17:04:17 CST

Thanks once again to James Bercegay from GulfTech Security Research for tipping us off to a security vulnerability in Gallery 2.0.3 and the 2.1 release candidates. Your installation is only vulnerable if you have the register_globals PHP setting enabled. If you're vulnerable, an attacker can use this to execute a "local inclusion" exploit, or run code that's already on your server. This is especially dangerous if you allow upload privileges to users you don't trust, and your g2data directory is in a predictable location.
We have released Gallery 2.0.4 and 2.1-RC-2a to fix this vulnerability, but it's also very easily patched by hand if you don't want to install a complete update. Read on for more details on how to quickly secure your Gallery install.
This vulnerability affects all versions of Gallery 2.x, but Gallery 1.x is not affected. If you're using Gallery 2.x we strongly recommend that you upgrade or secure your Gallery installation as soon as possible!
There are several quick and easy ways to secure your Gallery installation from this particular exploit. Pick whichever one of these makes the most sense to you. You only need to do one of these!
- The easiest way to secure your Gallery 2 install, either in 2.0.x or 2.1, is to simply delete the index.php file from inside your upgrade and install directories. When you next do an upgrade, you'll get a new, secure copy of these files. In the meantime you won't be able to run the install/upgrade code (but if your Gallery is working fine, you won't miss it).
- If you're using 2.0.x, we have provided update files that contain the minimum files you need to get your Gallery up to date. Follow the upgrading instructions to apply the patch.
- Turn off the register_globals PHP setting. Edit your server's php.ini file and find a line like this:

      register_globals = On

  and change it to:

      register_globals = Off

  then restart your webserver.
- Edit upgrade/index.php. The first line should be . On the second line add the following:

      $stepOrder = array();

  Repeat this for install/index.php.
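To check which of the above mitigations a given install actually has in place, here is a small audit script. It is an added example, not part of the Gallery release or this announcement, and it assumes the standard layout with install/index.php and upgrade/index.php under the Gallery root; the php.ini and script contents it ships with are constructed samples.

```python
import re
from pathlib import Path

# register_globals directive: the last uncommented occurrence wins, as in PHP.
_RG_RE = re.compile(r'^\s*register_globals\s*=\s*"?([A-Za-z0-9]*)"?', re.I)
# The hand patch from the advisory: $stepOrder initialised before any use.
_INIT_RE = re.compile(r'^\s*\$stepOrder\s*=\s*array\s*\(\s*\)\s*;', re.M)

def register_globals_enabled(php_ini_text):
    """True/False for register_globals in php.ini text, None if never set."""
    state = None
    for line in php_ini_text.splitlines():
        if line.lstrip().startswith(';'):   # php.ini comment line
            continue
        m = _RG_RE.match(line)
        if m:
            state = m.group(1).lower() in ('on', '1', 'yes', 'true')
    return state

def step_order_initialized(php_source):
    """True if the script itself sets $stepOrder = array(); (the hand patch)."""
    return bool(_INIT_RE.search(php_source))

def read_gallery_scripts(root):
    """Map the two affected scripts to their source; absent key = file deleted."""
    scripts = {}
    for rel in ('install/index.php', 'upgrade/index.php'):
        path = Path(root) / rel
        if path.exists():
            scripts[rel] = path.read_text()
    return scripts

def audit_gallery(scripts, php_ini_text):
    """Per affected script, say which mitigation covers it, or that none does.
    An unset register_globals is treated as exposed, to stay conservative."""
    rg_off = register_globals_enabled(php_ini_text) is False
    report = {}
    for rel in ('install/index.php', 'upgrade/index.php'):
        if rel not in scripts:
            report[rel] = 'safe: file removed'
        elif step_order_initialized(scripts[rel]):
            report[rel] = 'safe: $stepOrder initialised'
        elif rg_off:
            report[rel] = 'safe: register_globals is Off'
        else:
            report[rel] = 'VULNERABLE: unpatched and register_globals not Off'
    return report

# Constructed sample inputs (hypothetical server, not real files).
SAMPLE_PHP_INI = "; register_globals = Off\nregister_globals = On\n"
SAMPLE_SCRIPTS = {'install/index.php': "<?php\n$stepOrder = array();\n",
                  'upgrade/index.php': "<?php\n// no initialisation\n"}

if __name__ == '__main__':
    for rel, verdict in audit_gallery(SAMPLE_SCRIPTS, SAMPLE_PHP_INI).items():
        print(rel, '->', verdict)
```

Point `read_gallery_scripts` at your Gallery root and pass your real php.ini text to `audit_gallery` to audit a live install.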
If you have problems, please ask for help in the Gallery 2 Installation and Configuration Help forum.