Again, New Exploit for com_content (1.5.x or 1.0.x)

Locked
flurischt
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Jan 12, 2007 1:31 pm

Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by flurischt » Thu Aug 14, 2008 4:43 pm

What the heck did you do to my topic: New Exploit for com_content (1.5.x or 1.0.x) ???
(Type it in to Google Custom Search and you'll find it, but: "You are not authorised to read this forum.")

Im still waiting for an answer, whether [url=http://*******/exploits/6025]this[/url] affects the 1.0.x or the 1.5.x version...

**** REMOVED THE URL ******
Last edited by flurischt on Thu Aug 14, 2008 4:53 pm, edited 2 times in total.

 
User avatar
ircmaxell
Joomla! Ace
Joomla! Ace
Posts: 1926
Joined: Thu Nov 10, 2005 3:10 am
Location: New Jersey, USA
Contact:

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by ircmaxell » Thu Aug 14, 2008 4:48 pm

First off, PLEASE do not post exploits in a public forum.

Secondly. It's targeted at 1.0.x.

Thirdly. It doesn't work. It's not a valid attack. The input variables are properly sanitized...
Anthony Ferrara - Core Team - Development Coordinator - Bug Squad - JSST

http://moovum.com/ - The Bird is in the air! Get Mollom Anti-Spam on your Joomla! website with Moovur...
http://www.joomlaperformance.com For All Your Joomla Performance Needs

Gergo Erdosi
Joomla! Virtuoso
Joomla! Virtuoso
Posts: 4031
Joined: Sat Nov 11, 2006 9:34 pm
Location: Hungary

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by Gergo Erdosi » Thu Aug 14, 2008 4:51 pm

Moderator note: Topic moved from 1.5 Security to Joomla! 1.0.x_Q&T.

flurischt
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Jan 12, 2007 1:31 pm

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by flurischt » Thu Aug 14, 2008 4:56 pm

ok, ok

i removed the url but google finds it also...

thanks, but answering instead of deleting my first topic would have been nicer...

User avatar
ircmaxell
Joomla! Ace
Joomla! Ace
Posts: 1926
Joined: Thu Nov 10, 2005 3:10 am
Location: New Jersey, USA
Contact:

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by ircmaxell » Thu Aug 14, 2008 5:01 pm

flurischt wrote:ok, ok

i removed the url but google finds it also...

thanks, but answering instead of deleting my first topic would have been nicer...
It wasn't deleted. It was moved to a private forum so that it could be investigated.

Please do not post potential exploits in a public forum...
Anthony Ferrara - Core Team - Development Coordinator - Bug Squad - JSST

http://moovum.com/ - The Bird is in the air! Get Mollom Anti-Spam on your Joomla! website with Moovur...
http://www.joomlaperformance.com For All Your Joomla Performance Needs

flurischt
Joomla! Fledgling
Joomla! Fledgling
Posts: 3
Joined: Fri Jan 12, 2007 1:31 pm

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by flurischt » Thu Aug 14, 2008 5:10 pm

sorry next time ill know it...

whats the best way to report such exploits when not in the forum?

User avatar
ircmaxell
Joomla! Ace
Joomla! Ace
Posts: 1926
Joined: Thu Nov 10, 2005 3:10 am
Location: New Jersey, USA
Contact:

Re: Again, New Exploit for com_content (1.5.x or 1.0.x)

Post by ircmaxell » Thu Aug 14, 2008 5:13 pm

flurischt wrote:sorry next time ill know it...

whats the best way to report such exploits when not in the forum?
PM or email for now... We are in the process of setting up another method (It'll hopefully be live soon).
Anthony Ferrara - Core Team - Development Coordinator - Bug Squad - JSST

http://moovum.com/ - The Bird is in the air! Get Mollom Anti-Spam on your Joomla! website with Moovur...
http://www.joomlaperformance.com For All Your Joomla Performance Needs

 

Locked

Return to “Joomla! 1.0.x_Q&T”