Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Gallery Configuration Mode Authentication Bypass (deprecated)

High

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote server is running Gallery in configuration mode. Gallery is a software tool for webservers that allows for easy creation of online photo albums. This version of Gallery has been installed but not yet configured. Any remote user discovering the configuration screen may be able to modify web content on the remote server.

Solution

Configure Gallery, then disable configuration mode.