Joomla Component Archaic Binary "gallery" Directory Traversal Vulnerability

SECUNIA ADVISORY ID:
SA32381

VERIFY ADVISORY:
http://secunia.com/advisories/32381/

CRITICAL:
Less critical

IMPACT:
Exposure of system information

WHERE:
From remote

SOFTWARE:
Archaic Binary 1.x (component for Joomla)
http://secunia.com/advisories/product/20238/

DESCRIPTION:
H!tm@N has discovered a vulnerability in the Archaic Binary component
for Joomla, which can be exploited by malicious people to disclose
system information.

Input passed to the "gallery" parameter in index.php (when "option"
is set to "com_ab_gallery") is not properly sanitised before being
used. This can be exploited to display the contents of directories
via directory traversal attacks.

This vulnerability is confirmed in version 1.0. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
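
One way to apply this fix, shown as an added example that is not code
from the Archaic Binary component or from the original advisory. The
function name resolve_gallery_dir() and the gallery root directory are
assumptions: the example assumes each gallery is a single sub-directory
below one fixed root.

```php
<?php
// Added example: hypothetical helper, not code from the Archaic Binary component.
// $galleryRoot is an assumed directory that holds one sub-directory per gallery.

function resolve_gallery_dir(string $galleryRoot, $gallery): ?string
{
    // Reject arrays (gallery[]=...) and anything that is not a plain string.
    if (!is_string($gallery) || $gallery === '') {
        return null;
    }
    // Allowlist: a single path segment of letters, digits, '_' and '-'.
    // This excludes '/', '\', '.', NUL bytes and URL-encoding leftovers.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $gallery) !== 1) {
        return null;
    }
    $root = realpath($galleryRoot);
    if ($root === false) {
        return null;
    }
    // Canonicalise, so a symlink inside the root cannot lead outside it.
    $dir = realpath($root . DIRECTORY_SEPARATOR . $gallery);
    if ($dir === false || !is_dir($dir)) {
        return null;
    }
    // The resolved path must still sit below the gallery root.
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($dir, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $dir;
}

// Constructed demonstration: a temporary root with one gallery in it.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'ab_gallery_demo_' . getmypid();
mkdir($root . DIRECTORY_SEPARATOR . 'holiday', 0700, true);

foreach (['holiday', '../', '..%2f..', 'holiday/../..', 'missing'] as $input) {
    $dir = resolve_gallery_dir($root, $input);
    printf("%-16s => %s\n", $input, $dir === null ? 'rejected' : 'ok');
}

rmdir($root . DIRECTORY_SEPARATOR . 'holiday');
rmdir($root);
```

Only the value returned by the helper should be passed to the code that
lists directory contents; a null result should end the request with an
error rather than fall back to a default path.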

PROVIDED AND/OR DISCOVERED BY:
H!tm@N

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/6826