Joomla Weblinks Component Vulnerability?

Discussion regarding Joomla! 2.5 security issues.

Joomla Weblinks Component Vulnerability?

Post by yaanimai » Mon Dec 08, 2014 10:30 pm

Hi,

I signed up for a free 6Scan.com account to run a scan on my websites.

I got the following warning that a site is "At Risk", with this error:

"Weblinks Component for Joomla! index.php Itemid Parameter SQL Injection "

Technical details are found here: http://osvdb.org/show/osvdb/76228

"Weblinks Component for Joomla! contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script not properly sanitizing user-supplied input to the 'Itemid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data."

It looks like the technical details link is from 2010.

Does anyone know if this was fixed?

Thanks!

Re: Joomla Weblinks Component Vulnerability?

Post by yaanimai » Mon Dec 08, 2014 10:36 pm

It suggests this as a fix:

Code:

Login to your website via FTP
Go to the directory with file /index.php
Backup the /index.php file
Add the next lines right after '<?php' tag:

if ( isset( $_GET['itemid']) ){ $filtered_var = mysql_escape_string( $_GET['itemid'] ); $_GET['itemid'] = $filtered_var;}
if ( isset( $_POST['itemid']) ){ $filtered_var = mysql_escape_string( $_POST['itemid'] ); $_POST['itemid'] = $filtered_var;}
if ( isset( $_REQUEST['itemid']) ){ $filtered_var = mysql_escape_string( $_REQUEST['itemid'] ); $_REQUEST['itemid'] = $filtered_var;}

Re: Joomla Weblinks Component Vulnerability?

Post by mandville » Tue Dec 09, 2014 5:55 pm

Run and post your FPA.
For core security issues, it is best to contact the JSST at developer.joomla.org/security.
Usually, scans such as this are well known for giving 'if, but, maybe' reports.
Back in 2010:
"Weblinks component for Joomla! itemid parameter SQL injection
weblinks-joomla-itemid-sql-injection (61144)

Description:

Weblinks component for Joomla! is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php script using the itemid parameter, which could allow the attacker to view, add, modify or delete information in the back-end database."
Re: Joomla Weblinks Component Vulnerability?

Post by RedEye » Wed Dec 10, 2014 11:44 pm

Just a note for the thread opener: please don't use the suggested fix from yaanimai, because that would be a very bad fix and is absolutely not necessary...
And mandville already wrote that this vulnerability is more than old...
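As an added example that is not part of this thread or of 6Scan's suggestion, the following PHP script shows why the escaping patch quoted earlier does not address an injection into an unquoted integer context, why it would not even reach the parameter named in the advisory (PHP array keys are case-sensitive, and the patch uses 'itemid' while the advisory names 'Itemid'), and what a correct fix for an integer identifier looks like: an integer cast (Joomla 2.5's JInput::getInt() is the framework call for that) or a bound parameter. The table name jos_menu, the sample payload and the in-memory SQLite database are assumptions made so the script runs stand-alone; the legacy_escape_string() helper is a stand-in that reproduces only the character set the removed mysql_escape_string() escaped.

```php
<?php
// Added example for this thread (not code from the forum posts or from 6Scan):
// why escaping a numeric request parameter is the wrong fix for the reported
// Itemid issue, and what a correct fix looks like. The table name jos_menu and
// the in-memory SQLite database are assumptions for a self-contained run.

// Stand-in for mysql_escape_string(), removed in PHP 7: it escaped exactly
// these characters. Defined here so the script runs on current PHP.
function legacy_escape_string(string $s): string
{
    return strtr($s, [
        "\0"   => '\\0',
        "\n"   => '\\n',
        "\r"   => '\\r',
        '\\'   => '\\\\',
        "'"    => "\\'",
        '"'    => '\\"',
        "\x1a" => '\\Z',
    ]);
}

// The pattern the advisory describes: a numeric id interpolated unquoted into
// SQL. Escaping quotes cannot help here, because an integer-context payload
// such as "1 OR 1=1" contains nothing that gets escaped.
function query_escaped_only(string $itemid): string
{
    $itemid = legacy_escape_string($itemid);
    return "SELECT id, title FROM jos_menu WHERE id = $itemid";
}

// Correct handling of an integer identifier: coerce to int before it reaches
// the query. Joomla 2.5's JInput::getInt() does the same for request input.
function query_int_cast(string $itemid): string
{
    $id = (int) $itemid;
    return "SELECT id, title FROM jos_menu WHERE id = $id";
}

// The general form: bind the value as a typed parameter and let the driver
// keep data and SQL apart.
function fetch_menu_item(PDO $pdo, string $itemid): array
{
    $stmt = $pdo->prepare('SELECT id, title FROM jos_menu WHERE id = :id');
    $stmt->bindValue(':id', (int) $itemid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// PHP array keys are case-sensitive. The suggested patch filters
// $_GET['itemid'], but the parameter named in the advisory is 'Itemid',
// so the patch would not even touch the value it claims to fix.
function patch_touches_param(array $get): bool
{
    return isset($get['itemid']);
}

// Constructed sample input: an integer-context payload with no quote characters.
$payload = '1 OR 1=1';

echo query_escaped_only($payload), "\n";   // escaping changed nothing
echo query_int_cast($payload), "\n";       // only the leading integer survives

// Assumed schema, created in memory so the bound-parameter path can be run.
$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE jos_menu (id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec("INSERT INTO jos_menu VALUES (1, 'Home'), (2, 'Weblinks')");
echo count(fetch_menu_item($pdo, $payload)), " row(s) returned for the payload\n";

var_dump(patch_touches_param(['Itemid' => $payload]));
```

Run it with a PHP build that has pdo_sqlite enabled. The two echoed queries make the point directly: the escaped version still carries the full payload, while the cast version reduces it to the single leading integer; the bound-parameter version returns one row for the same input, and the case-sensitivity check returns false for a request that only carries 'Itemid'.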

