[UPGRADE AVAIL.] User Home Page versions 0.5 and 2

For all Non-Joomla! security issues. ie 3pd Components etc.

Moderator: General Support Moderators

Forum rules
Locked
troopy
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Sun Jul 30, 2006 10:10 am

[UPGRADE AVAIL.] User Home Page versions 0.5 and 2

Post by troopy » Sun Jul 30, 2006 10:33 am

My site got hacked twice, nothing too serious so far as only the index.php was replaced with something in Turkish.

The first time I noticed by looking at the statistics that the last visitor before the hack was an IP from Turkey that searched "com_extcalendar" on Google and thus found my site. I've since sorted com_extcalendar out.

Yesterday second hack and again the last visitor that appeared on the statistics was an IP from Turkey but this time searched "com_uhp" on Google, quite a few of the other sites that appeared on the Google results page had also been hacked in exactly the same way.

Are there any security issues with com_uhp? I've  removed it from the server from the time being although it does not seem to be in the list of dangerous components. Any thoughts on the matter?
Last edited by RobS on Thu Aug 10, 2006 8:30 pm, edited 1 time in total.

User avatar
gustavo
Joomla! Explorer
Joomla! Explorer
Posts: 427
Joined: Fri Aug 19, 2005 12:51 pm
Location: Argentina
Contact:

Re: User Home Page versions 0.5 and 2

Post by gustavo » Sun Jul 30, 2006 3:10 pm

Author: Hasibuan

Input passed to the "mosConfig_absolute_path" is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources.

vuln: uhp_config.php

Code: Select all

global $mosConfig_absolute_path;
require($mosConfig_absolute_path."/administrator/components/com_uhp/uhp_config.inc");
?>
Have a nice day
Gustavo Raúl Aragón
Comunidad Joomla: Maintenance, support, translation and distribution for the Joomla!. Help site online. Member of the Spanish [es_ES] Joomla Translation Team. http://comunidadjoomla.org

User avatar
infograf768
Joomla! Master
Joomla! Master
Posts: 19133
Joined: Fri Aug 12, 2005 3:47 pm
Location: **Translation Matters**

Re: User Home Page versions 0.5 and 2

Post by infograf768 » Sun Jul 30, 2006 3:27 pm

Merged this 2 topics as they are related.
Thanks Gustavo.  :)
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group

User avatar
infograf768
Joomla! Master
Joomla! Master
Posts: 19133
Joined: Fri Aug 12, 2005 3:47 pm
Location: **Translation Matters**

Re: User Home Page versions 0.5 and 2

Post by infograf768 » Sun Jul 30, 2006 3:33 pm

Is'nt footer.php also a problem in version 1.1.1 ?
global $mosConfig_absolute_path, $uhp;
require($mosConfig_absolute_path."/administrator/components/com_uhp2/uhp2_config.inc");
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group

User avatar
Elpie
Joomla! Guru
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm
Contact:

Re: User Home Page versions 0.5 and 2

Post by Elpie » Mon Jul 31, 2006 1:22 pm

There is an exploit in the wild but no details of which version is vulnerable.
The latest available version is V1.1. You can get it here: http://www.ravensportal.co.uk/
At this time I don't know if that version is vulnerable.

I have notified the developers.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 12781
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: User Home Page versions 0.5 and 2

Post by brian » Mon Jul 31, 2006 1:47 pm

The vulnerable version is 0.5

http://secunia.com/advisories/21305/
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

User avatar
Elpie
Joomla! Guru
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm
Contact:

Re: User Home Page versions 0.5 and 2

Post by Elpie » Mon Jul 31, 2006 1:57 pm

The report I have seen clearly states UHP2, but not which version of 2.
Anyway, as I said, I have contacted the developers so no doubt we will soon have more information.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

User avatar
infograf768
Joomla! Master
Joomla! Master
Posts: 19133
Joined: Fri Aug 12, 2005 3:47 pm
Location: **Translation Matters**

Re: User Home Page versions 0.5 and 2

Post by infograf768 » Mon Jul 31, 2006 2:00 pm

Already posted here:
http://forum.joomla.org/index.php/topic,81308.0.html

If no one minds (I'lll wait), I will merge these 2 threads and change title to reflect
Jean-Marie Simonet / infograf
---------------------------------
ex-Joomla Translation Coordination Team • ex-Joomla! Production Working Group

User avatar
ravenswood
Joomla! Intern
Joomla! Intern
Posts: 81
Joined: Thu Sep 15, 2005 3:06 pm
Location: Glasgow
Contact:

Re: User Home Page versions 0.5 and 2

Post by ravenswood » Mon Jul 31, 2006 10:57 pm

Hi,

I'm the developer of UHP and UHP2 and can confirm the vlunerability..  :(

New versions are available for download from http://www.ravenswoodit.co.uk

If you are running UHP I would recommend upgrading to UHP2 as it is under active development, whereas UHP is effectively dead..

Cheers

John
Professional Joomla development
Ravenswood IT Services - http://www.ravenswoodit.com/

User avatar
Elpie
Joomla! Guru
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm
Contact:

Re: [UPGRADE AVAIL.] User Home Page versions 0.5 and 2

Post by Elpie » Tue Aug 01, 2006 1:37 pm

Jeepers, you are quick John!  You really do deserve your reputation of being security-conscious devs. I am impressed with the fast turnaround. Thank you.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

User avatar
RobS
Joomla! Ace
Joomla! Ace
Posts: 1366
Joined: Mon Dec 05, 2005 10:17 am
Location: New Orleans, LA, USA
Contact:

Re: [UPGRADE AVAIL.] User Home Page versions 0.5 and 2

Post by RobS » Tue Aug 01, 2006 4:10 pm

Added to the list of vulnerable components with reference to the update.  Thanks for dealing with it so quickly. 
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions


Locked

Return to “3rd Party/Non Joomla! Security Issues”