Change font size Change Width
Advanced Search
 

Joomla! Discussion Forums



It is currently Wed Nov 25, 2009 4:53 am (All times are UTC )

 

Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues



Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 
  Print view Previous topic | Next topic 
Author Message
Elpie
Posted: Mon Jul 31, 2006 1:26 pm 
User avatar
Joomla! Guru
Joomla! Guru
Offline

Joined: Wed Aug 17, 2005 11:26 pm
Posts: 869
Remote file inclusion in admin.colophon.php. Vulnerable version = 1.2, other versions may also be affected.

_________________
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

Last edited by RobS on Tue Aug 29, 2006 11:35 pm, edited 1 time in total.

Top
  E-mail  
 
brian
 Post subject: Re: Joomla Colophon
Posted: Mon Jul 31, 2006 1:48 pm 
Joomla! Virtuoso
Joomla! Virtuoso
Offline

Joined: Fri Aug 12, 2005 7:19 am
Posts: 4471
Location: Leeds, UK
http://secunia.com/advisories/21288/


Last edited by infograf768 on Mon Jul 31, 2006 2:14 pm, edited 1 time in total.

Top
  E-mail  
 
infograf768
 Post subject: Re: Joomla Colophon
Posted: Mon Jul 31, 2006 2:16 pm 
User avatar
Joomla! Master
Joomla! Master
Offline

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 11676
Location: **Translation Matters**
Changed ttle to reflect Secunia advisory.

Developper's site has beed defaced btw:
http://www.sirjoe.it/components/com_jd- ... k.php?p=77

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr · GMT +1
Qui vult dare parva non debet magna rogare.
---------------------------------
Joomla! Translation Coordination Team

Top
  E-mail  
 
RobS
 Post subject: Re: Joomla Colophon
Posted: Tue Aug 01, 2006 6:15 am 
User avatar
Joomla! Ace
Joomla! Ace
Offline

Joined: Mon Dec 05, 2005 10:17 am
Posts: 1318
Location: New Orleans, LA, USA
Thanks, adding to the list.

_________________
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions

Top
  E-mail  
 
elmoch
 Post subject: Re: Joomla Colophon
Posted: Wed Aug 02, 2006 11:15 pm 
Joomla! Explorer
Joomla! Explorer
Offline

Joined: Fri Aug 26, 2005 10:13 pm
Posts: 408
Location: Spain
You can use JM-Credits instead of Colophon. JM-Credits doesn't have that vulnerability and is much more configurable than Colophon.

I hope you like it! ;)

_________________
My Extensions: JM-Recommend, JM-Credits, JM-Link Us (for J! 1.0.x). Find them in the 3rd Party Extensions Forum.
Joomla test installation: www.poraqui.net/joomla  User: test  Password: test

Top
  E-mail  
 
infograf768
 Post subject: Re: Joomla Colophon
Posted: Thu Aug 03, 2006 6:11 am 
User avatar
Joomla! Master
Joomla! Master
Offline

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 11676
Location: **Translation Matters**
JM is MY trademark (short for Jean-Marie)  :laugh: :laugh: :laugh:

(just a French joke, totally OT)

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr · GMT +1
Qui vult dare parva non debet magna rogare.
---------------------------------
Joomla! Translation Coordination Team

Top
  E-mail  
 
kaizen
Posted: Tue Aug 29, 2006 11:33 pm 
User avatar
Joomla! Explorer
Joomla! Explorer
Offline

Joined: Fri Aug 26, 2005 5:05 am
Posts: 291
Location: Pennsylvania, USA
Colophon is now in version 1.3.1 which includes fixes for the vulnerabiilities listed as well as some other updates.  Site, which was NEVER 'defaced' BTW,  is now back up and is in the process of being fully restored.

I have not abandoned this project or the other works at SchoolastechWorks, which include BadWords2 and I hope to get back on my feet after a extremely trying string of personal hardships and two tragic losses.

I'd appreciate it if the mods would update the listing as appropriate.

_________________
Robert Anthony Pitera
West of East, Inc. - http://www.westofeast.com - Taking technology in new directions™
SchoolastechWorks - http://www.schoolastech.com - Joomla Educational Development

Last edited by kaizen on Tue Aug 29, 2006 11:35 pm, edited 1 time in total.

Top
   
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 

Quick reply

 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues

Who is online

Users browsing this forum: No registered users and 7 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
 
 
 
 
 

© 2005-2009 Open Source Matters, Inc. All rights reserved. Joomla hosting by Rochen Ltd.