The Joomla! Forum ™





Post new topic Reply to topic  [ 8 posts ] 
Author Message
PostPosted: Tue Jul 18, 2006 11:45 am 
User avatar
Joomla! Guru
Joomla! Guru

Joined: Wed Aug 17, 2005 11:26 pm
Posts: 903
Another one bites the dust :(

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');

_________________
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info


Last edited by RobS on Wed Jul 19, 2006 4:46 am, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: PollXT component
PostPosted: Tue Jul 18, 2006 3:20 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Fri Jan 13, 2006 5:33 pm
Posts: 19
I am confused I do not have the file they are talking about.

components/com_pollxt/conf.pollxt.php

What version has this file?

I am running 1.22.01


Top
 Profile  
 
 Post subject: Re: PollXT component
PostPosted: Wed Jul 19, 2006 1:30 am 
User avatar
Joomla! Guru
Joomla! Guru

Joined: Wed Aug 17, 2005 11:26 pm
Posts: 903
Elpie wrote:
The vulnerability has been reported in version 1.22.07. Other versions may also be affected.


Umm... as I said, it was reported in 1.22.07 ;)

You should check all files to ensure they do not allow direct access.

_________________
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info


Top
 Profile  
 
 Post subject: Re: PollXT component
PostPosted: Wed Jul 19, 2006 3:25 am 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sun May 07, 2006 11:48 am
Posts: 8
There is a new version out for the security fix (1.22.08 ) - either do it manually or via on-line updater

http://www.joomlaxt.com/


Top
 Profile  
 
PostPosted: Thu Jan 11, 2007 10:38 pm 
User avatar
Joomla! Explorer
Joomla! Explorer

Joined: Mon Apr 03, 2006 4:04 pm
Posts: 432
Location: Germany
joomlaxt website has been hacked again just now. was pollxt the problem again?

_________________
Please visit my personal website and leave many traces ;)
http://www.ffaabbiiaann.de
If you need webdesign services I can help you out:
http://www.webdesign2punkt0.de


Top
 Profile  
 
PostPosted: Fri Mar 09, 2007 10:21 am 
I've been banned!

Joined: Tue Sep 26, 2006 9:50 am
Posts: 661
Location: Norrköping / Stockholm
Where can i find PollXT? for download.


Top
 Profile  
 
 Post subject: PollXT
PostPosted: Tue Mar 13, 2007 7:35 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Tue Sep 26, 2006 7:06 pm
Posts: 6
I found PollXT on http://www.mamboserver.com | Projects.  But, the files are old.  Is there another place for the upgrade.


Top
 Profile  
 
PostPosted: Thu Dec 20, 2007 4:49 pm 
I've been banned!

Joined: Wed Dec 19, 2007 10:36 pm
Posts: 21
Elpie wrote:
Another one bites the dust :(

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been reported in version 1.22.07. Other versions may also be affected.

http://secunia.com/advisories/21068/

Add before code:
defined('_VALID_MOS') or die('Direct access to this location is not allowed.');




eyes like a hawk, well done

_________________
smile


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 



Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group