<<< Date Index >>>     <<< Thread Index >>>

Directory Traversal Vulnerability in Goop Gallery 2.0.2



Armorize Technologies Security Advisory

Advisory No:
Armorize-ADV-2006-0004

Status:
Partial

Date:
2006/10/04

Bugtraq No.:
N/A

Summary:
Armorize-ADV-2006-0004 discloses a special case of directory traversal 
vulnerability found in Goop Gallery, which is is a directory based photo 
gallery and does not require database installation. All you have to do is 
upload your images with GOOP Gallery, set a hand full of configuration 
variables, and you've got a picture gallery. GOOP Gallery dynamically resizes 
images to sizes you specify. No need to spend hours making thumbnails or 
writing code for every picture, GOOP Gallery will do that for you. The 
configuration file allows you to adjust almost every aspect of your gallery. 
GOOP Gallery 2.0 allows you to set multiple ways for viewing your images and 
let's vistors set their own preference.

Affected Software:
Goop Gallery 2.0.2

Vulnerability Description:
Directory Traversal

Analysis/Impact:
Allows malicious users to access restricted directories and/or view data 
outside the normal scope which may lead to information theft and invasion of 
privacy.

Detection/Exploit(partial):
http://www.example.com/[PATH]/download.php

Protection/Solution:
1. Escape every questionable user input.
2. Add sanitization functions before passing parameters to sensitive functions.

Credit: Security Team at Armorize Technologies, Inc. (security@xxxxxxxxxxxx)


Additional Information:
Link to this Armorize advisory
http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0004

Links to all Armorize advisories
http://www.armorize.com/advisory/

Links to Armorize vulnerability database
http://www.armorize.com/resources/vulnerability.php

Armorize Technologies is a software security company focused on Web application 
security. Our source code analysis tools provide Web application security that 
transcends firewalls, intrusion detection systems (IDSs), and all other 
signature-based security devices. Armorize's main product, CodeSecure, uses 
award-winning and patent-pending source code verification technology to 
identify vulnerabilities in Web applications during the earliest stage of the 
software development lifecycle.

Papers on source code analysis technology from our founding team have won 
awards at two consecutive International World Wide Web Conferences. The latest 
version of CodeSecure addresses current market gaps in Web security products by 
helping Web developers detect vulnerabilities and choose from rapidly generated 
solutions. The company is headquartered in Santa Clara, California with its R&D 
center in Taipei, Taiwan. Find out more at http://www.armorize.com.