Joomla! Multiple Vulnerabilities

Posted on Wednesday, September 10, 2008 @ 15:38:53 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA31789

VERIFY ADVISORY: http://secunia.com/advisories/31789/

CRITICAL: Moderately critical

IMPACT: Unknown, Brute force

SOFTWARE: Joomla! 1.x - http://secunia.com/advisories/product/5788/

DESCRIPTION: Some vulnerabilities and a security issue have been reported in Joomla!, where some have an unknown impact and others can potentially be exploited by malicious people to conduct brute force attacks. The vulnerabilities and security issue are reported in versions prior to version 1.5.7.

1) A security issue is caused due to an error when generating random numbers and can potentially be exploited to guess a generated token or password.
2) An input validation error exists within JRequest, which can be exploited to inject certain characters into returned data.
3) An input validation error exists within the "mailto" component before sending mails.

SOLUTION: Update to version 1.5.7.

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Stefan Esser.
2) The vendor credits Andrew Eddie.
3) The vendor credits Phil Taylor.
ORIGINAL ADVISORY: http://www.joomla.org/announcements/release-news/5212-joomla-157-security-release-now-available.html
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Server TrafficServer Traffic
  • Total: 352,594,473
  • Today: 77,424
Server InfoServer Info
  • Apr 19, 2018
  • 07:44 pm PDT
 
 

Daily Inspiration