The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://coppermine-gallery.net/forum/index.php?topic=30655.0 http://myimei.com/security/2006-04-14/copperminephotogallery144-plugininclusionsystemindexphp-remotefileinclusion-attack.html http://secunia.com/advisories/19665/ http://www.vuxml.org/freebsd/6738977b-e9a5-11da-b9f4-00123ffe8333.html

The following package is affected: coppermine CVE-2006-1909 Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard '../' sequences.