Gallery Configuration Mode Authentication Bypass (deprecated)

High Nessus Network Monitor Plugin ID 2500

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote server is running Gallery in configuration mode. Gallery is a software tool for webservers that allows for easy creation of online photo albums. This version of Gallery has been installed but not yet configured. Any remote user discovering the configuration screen may be able to modify web content on the remote server.

Solution

Configure Gallery, then disable configuration mode.

Plugin Details

Severity: High

ID: 2500

File Name: 2500.prm

Family: Web Servers

Published: 2004/08/18

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: High