[ABANDONED] Sitemap 2.0.0 for Mambo 4.5.1 Remote File Include Vulnerabilities


gustavo
Joomla! Explorer
Posts: 427
Joined: Fri Aug 19, 2005 12:51 pm
Location: Argentina
Contact:

[ABANDONED] Sitemap 2.0.0 for Mambo 4.5.1 Remote File Include Vulnerabilities

Postby gustavo » Wed Jul 12, 2006 3:10 pm

Last edited by RobS on Sun Jul 23, 2006 8:06 pm, edited 1 time in total.
Comunidad Joomla: Maintenance, support, translation and distribution for the Joomla!. Help site online. Member of the Spanish [es_ES] Joomla Translation Team. http://comunidadjoomla.org

Peter Koch
Joomla! Explorer
Posts: 374
Joined: Thu Aug 18, 2005 8:54 pm

Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities

Postby Peter Koch » Wed Jul 12, 2006 3:55 pm

Apparently also joommap 2.05 has this construct (vulnerability yet unconfirmed).

No, everything seems clean in joommap 2.0.5.

I can, however, confirm the issue with sitemap 2.0.0.
Last edited by Anonymous on Wed Jul 12, 2006 4:18 pm, edited 1 time in total.

gustavo
Joomla! Explorer
Posts: 427
Joined: Fri Aug 19, 2005 12:51 pm
Location: Argentina
Contact:

Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities

Postby gustavo » Fri Jul 14, 2006 12:56 pm

And two days after, the official report on security-related sites..

Advisory ID : FrSIRT/ADV-2006-2803
CVE ID : GENERIC-MAP-NOMATCH
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-07-14

Technical Description

A vulnerability has been identified in SiteMap (component for Mambo), which may be exploited by attackers to execute arbitrary commands. This flaw is due to an input validation error in the "sitemap.xml.php" script that fails to validate the "mosConfig_absolute_path" parameter, which could be exploited by remote attackers to include malicious files and execute arbitrary commands with the privileges of the web server.

Affected Products

SiteMap (component for Mambo) version 2.0 and prior


http://www.frsirt.com/english/advisories/2006/2803

Have a nice day
Gustavo
Comunidad Joomla: Maintenance, support, translation and distribution for the Joomla!. Help site online. Member of the Spanish [es_ES] Joomla Translation Team. http://comunidadjoomla.org
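The advisory quoted above describes the classic Mambo/Joomla 1.0 remote file include pattern: a component file is requested directly (outside index.php), so the `$mosConfig_absolute_path` global that configuration.php would normally set has not been defined yet, and with `register_globals=On` a request parameter of the same name fills it in before the file uses it in an include. The following is an added illustrative example, not the SiteMap component's own code and not a reconstruction of sitemap.xml.php; it contrasts the weak idiom with the hardened one. `_VALID_MOS` is the constant Mambo/Joomla 1.0 define in index.php; the function names, the `configuredBase` argument and the sample request values are constructed for this example.

```php
<?php
// Added illustrative example (not the SiteMap component's code).
// Shows the bug class in the FrSIRT advisory: a path the script expects
// from Mambo's configuration is instead taken from an overridable global,
// so a request parameter can turn a local include into a remote one.

// --- Weak pattern (illustration of the bug class, not the original file) ---
// With register_globals=On and a direct request to the component file,
// $mosConfig_absolute_path is populated from the query string because
// configuration.php has not been loaded yet. The include path below then
// trusts whatever the client sent, including an http:// URL.
function weak_include_path(array $globals): string {
    $base = $globals['mosConfig_absolute_path'] ?? '';
    return $base . '/configuration.php';
}

// --- Hardened pattern ---
// 1. Refuse direct requests: Mambo/Joomla 1.0 define _VALID_MOS in index.php,
//    so a component file reached without that constant did not pass through
//    the framework bootstrap.
// 2. Take the base path only from a trusted source (here an argument the
//    caller fills from configuration.php), never from request data.
// 3. Check that it is a real local directory, not a stream wrapper.
function hardened_include_path(string $configuredBase): string {
    if (!defined('_VALID_MOS')) {
        die('Direct Access to this location is not allowed.');
    }
    // Reject anything with a scheme prefix (http://, ftp://, php://, data:, ...).
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $configuredBase)) {
        throw new RuntimeException('base path must be a local filesystem path');
    }
    $real = realpath($configuredBase);
    if ($real === false || !is_dir($real)) {
        throw new RuntimeException('base path does not resolve to a local directory');
    }
    return $real . '/configuration.php';
}

// Demonstration with constructed inputs (simulating the bootstrap having run).
define('_VALID_MOS', 1);
$constructedRequest = ['mosConfig_absolute_path' => 'http://example.invalid/remote.txt'];
echo "weak:     " . weak_include_path($constructedRequest) . "\n";
foreach (['http://example.invalid/remote.txt', sys_get_temp_dir()] as $candidate) {
    try {
        echo "hardened: " . hardened_include_path($candidate) . "\n";
    } catch (RuntimeException $e) {
        echo "hardened: rejected ($candidate): " . $e->getMessage() . "\n";
    }
}
```

Running it prints the weak variant happily building `http://example.invalid/remote.txt/configuration.php` as an include path, while the hardened variant rejects the URL and accepts only the local directory. The `_VALID_MOS` guard is the fix the Mambo/Joomla 1.0 ecosystem standardized on for third-party components; turning off `register_globals` in php.ini removes the root cause for the whole installation, and it is worth checking every file under `components/` for a missing guard rather than only the one named in the advisory.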

Jinx
Joomla! Champion
Posts: 6569
Joined: Fri Aug 12, 2005 12:47 am
Contact:

Re: Sitemap 2.0.0 for Mambo 4.5.1 CMS Remote File Include Vulnerabilities

Postby Jinx » Fri Jul 21, 2006 11:58 am

The sitemap 2.0 component is not actively maintained and should not be used on any production websites! The component has been removed from mamboforge.
Last edited by Jinx on Fri Jul 21, 2006 12:00 pm, edited 1 time in total.
Johan Janssens - Joomla Co-Founder, Lead Developer of Joomla 1.5

http://www.joomlatools.com - Joomla extensions that just work
