FreeBSD : Gallery 1.4.3 and ealier user authentication bypass (253ea131-bd12-11d8-b071-00e08110b673)
Critical Nessus Plugin ID 38140
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA flaw exists in Gallery versions previous to 1.4.3-pl1 and post 1.2 which may give an attacker the potential to log in under the 'admin' account. Data outside of the gallery is unaffected and the attacker cannot modify any data other than the photos or photo albums.
SolutionUpdate the affected package.