Joomla! • View topic - [UPGRADE AVAIL.] Joomla Colophon

Joomla!®
Welcome to Joomla!

Joomla! is an award-winning open source CMS for building powerful websites.

Recent Joomla! News
Support Joomla!
- Shop Joomla! Gear
- Contribution
About
What Is Joomla?

Joomla is an award-winning content management system (CMS), which enables you to build Web sites and powerful online applications.
Read more...

Joomla! for Business

Joomla! is a extremely customizable and adaptable for Enterprise, SMBs, NPOs and beyond. Read more...

Joomla! for Developers

No matter what level of experience you hold, Joomla! has strengths to match; programmers, designers and end users alike!Read more...

Learn more about Joomla!
- The Software
- The Project
- The Leadership
- Open Source Matters
Community & Support
Connect!
Support!
Read!
Get involved with Joomla!

Joomla is an open source project and contributions from the community are essential to its growth and success. Anyone can contribute on any level, even newcomers can contribute to Joomla. Read more...
Extend
Directories
Developers
Download
Download Joomla! 2.5
- 2.5 Full Package
- Update Packages
- Demo Joomla! 2.5
Download Joomla! 3.1
- 3.1 Full Package
- Update Packages
- Demo Joomla! 3.1
Getting Started with Joomla!
Internationalization
Internationalization

Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues

[UPGRADE AVAIL.] Joomla Colophon

Moderators: lafrance, mandville, General Support Moderators

Page 1 of 1

[ 7 posts ]

Print view

Previous topic | Next topic

Author

Message

Elpie

Post subject: [UPGRADE AVAIL.] Joomla Colophon

Posted: Mon Jul 31, 2006 1:26 pm

Joomla! Guru

Joined: Wed Aug 17, 2005 11:26 pm
Posts: 903

Remote file inclusion in admin.colophon.php. Vulnerable version = 1.2, other versions may also be affected.

_________________
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

Last edited by RobS on Tue Aug 29, 2006 11:35 pm, edited 1 time in total.

Top

brian

Post subject: Re: Joomla Colophon

Posted: Mon Jul 31, 2006 1:48 pm

Joomla! Exemplar

Joined: Fri Aug 12, 2005 7:19 am
Posts: 9206
Location: Leeds, UK

http://secunia.com/advisories/21288/

_________________
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

Last edited by infograf768 on Mon Jul 31, 2006 2:14 pm, edited 1 time in total.

Top

infograf768

Post subject: Re: Joomla Colophon

Posted: Mon Jul 31, 2006 2:16 pm

Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16637
Location: **Translation Matters**

Changed ttle to reflect Secunia advisory.

Developper's site has beed defaced btw:
http://www.sirjoe.it/components/com_jd- ... k.php?p=77

_________________
Jean-Marie Simonet / infograf · http://www.info-graf.fr
Multilanguage in 2.5: http://help.joomla.org/files/EN-GB_multilang_tutorial.pdf
---------------------------------
Joomla Translation Coordination Team • Joomla! Production Working Group

Top

RobS

Post subject: Re: Joomla Colophon

Posted: Tue Aug 01, 2006 6:15 am

Joomla! Ace

Joined: Mon Dec 05, 2005 10:17 am
Posts: 1367
Location: New Orleans, LA, USA

Thanks, adding to the list.

_________________
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions

Top

elmoch

Post subject: Re: Joomla Colophon

Posted: Wed Aug 02, 2006 11:15 pm

Joomla! Explorer

Joined: Fri Aug 26, 2005 10:13 pm
Posts: 410
Location: Spain

You can use JM-Credits instead of Colophon. JM-Credits doesn't have that vulnerability and is much more configurable than Colophon.

I hope you like it!

_________________
My Extensions: JM-Recommend, JM-Credits, JM-Link Us (for J! 1.0.x). Find them in the 3rd Party Extensions Forum.
Joomla test installation: www.poraqui.net/joomla User: test Password: test

Top

infograf768

Post subject: Re: Joomla Colophon

Posted: Thu Aug 03, 2006 6:11 am

Joomla! Master

Joined: Fri Aug 12, 2005 3:47 pm
Posts: 16637
Location: **Translation Matters**

JM is MY trademark (short for Jean-Marie) :laugh:

(just a French joke, totally OT)

Top

kaizen

Post subject: Re: [ABANDONED] Joomla Colophon

Posted: Tue Aug 29, 2006 11:33 pm

Joomla! Explorer

Joined: Fri Aug 26, 2005 5:05 am
Posts: 294
Location: Pennsylvania, USA

Colophon is now in version 1.3.1 which includes fixes for the vulnerabiilities listed as well as some other updates. Site, which was NEVER 'defaced' BTW, is now back up and is in the process of being fully restored.

I have not abandoned this project or the other works at SchoolastechWorks, which include BadWords2 and I hope to get back on my feet after a extremely trying string of personal hardships and two tragic losses.

I'd appreciate it if the mods would update the listing as appropriate.

_________________
Robert Anthony Pitera
West of East, Inc. - http://www.westofeast.com - Taking technology in new directions™
SchoolastechWorks - http://www.schoolastech.com - Joomla Educational Development

Last edited by kaizen on Tue Aug 29, 2006 11:35 pm, edited 1 time in total.

Top

Page 1 of 1

[ 7 posts ]

Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x » 3rd Party/Non Joomla! Security Issues

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:

Welcome to Joomla!

Recent Joomla! News

Support Joomla!

What Is Joomla?

Joomla! for Business

Joomla! for Developers

Learn more about Joomla!

Connect!

Support!

Read!

Get involved with Joomla!

Directories

Developers

Download Joomla! 2.5

Download Joomla! 3.1

Getting Started with Joomla!

Internationalization

The Joomla! Forum ™

[UPGRADE AVAIL.] Joomla Colophon

Who is online