[PATCH AVAIL.] JD-WordPress Vulnerability

For all non-Joomla! security issues, i.e. 3rd-party components etc.

Elpie
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm

[PATCH AVAIL.] JD-WordPress Vulnerability

Post by Elpie » Sat Jul 29, 2006 1:50 am

Remote file inclusion vulnerability.
JD-WordPress for Joomla is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.

Version 2.0-1.0 RC2 is vulnerable to these issues; prior versions may also be affected.
The developer has been notified.
Last edited by RobS on Thu Aug 10, 2006 8:15 pm, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: JD-WordPress Vulnerability

Post by Predator » Sat Jul 29, 2006 9:38 am

Thanks Elpie, and as I said, I have problems reproducing this. Maybe RobS can check this and, if so, why I have problems reproducing it. Thanks in advance.
The "Humor, Fun and Games" forum has  more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team :D

dsendecki
Joomla! Intern
Posts: 93
Joined: Mon Sep 19, 2005 5:28 pm

Re: JD-WordPress Vulnerability

Post by dsendecki » Mon Jul 31, 2006 4:05 am

Has there been any headway made with uncovering this vulnerability? This has me greatly concerned!

Elpie
Joomla! Guru
Posts: 903
Joined: Wed Aug 17, 2005 11:26 pm

Re: JD-WordPress Vulnerability

Post by Elpie » Mon Jul 31, 2006 4:51 am

The exploits that have been published both appear to rely on register_globals being on. If you have register_globals off and are not running globals emulation 1 (globals.php in Joomla) you should be fine.
While I personally wouldn't use htaccess to block attempts, RobS's htaccess will also block any attempts to exploit JD-WordPress.

RobS
Joomla! Ace
Posts: 1366
Joined: Mon Dec 05, 2005 10:17 am
Location: New Orleans, LA, USA

Re: JD-WordPress Vulnerability

Post by RobS » Mon Jul 31, 2006 8:32 am

Joomla!'s RG emulation is probably safe as it does a fair job of sanitizing input, but I haven't thoroughly tested it myself, just browsed through it a bit.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: JD-WordPress Vulnerability

Post by Predator » Mon Jul 31, 2006 3:26 pm

Well, I have now tested during the weekend locally with RG on and allow_furl on together with Joomla! 1.0.10, and also on a friend's web hosting with RG on and allow_furl on and Joomla! 1.0.10, and could not reproduce this. But to avoid any constellation which may allow this, I have made a patch where I replaced the call

require_once( $mosConfig_absolute_path .'/components/com_jd-wp/wp-config.php' );

into

require(dirname(__FILE__) . '/wp-config.php');

to be sure.

If you normally have RG off you should be safe, as even with it on I was not able to hack it with Joomla! 1.0.10.
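The include change from the post above, as an added example that is not the thread's, JD-WordPress's or Joomla's own code: it shows the patched dirname(__FILE__) path together with a containment check, and is meant for the top of a component file loaded through Joomla's index.php. It assumes PHP 7.1+ and the standard Joomla 1.0 _VALID_MOS direct-access guard; the helper jdwp_local_path is hypothetical.

```php
<?php
// Added example (not JD-WordPress's or Joomla's own code).
//
// Original line from the thread:
//   require_once( $mosConfig_absolute_path .'/components/com_jd-wp/wp-config.php' );
// With register_globals=On and the component file requested directly (so Joomla's
// configuration.php never ran), $mosConfig_absolute_path holds whatever the request
// supplied, and with allow_url_fopen=On that can point at a remote file.

// Joomla 1.0 direct-access guard: index.php defines _VALID_MOS before loading a
// component, so a direct request to this file stops here.
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');

/**
 * Hypothetical helper: resolve $relative inside $baseDir and refuse anything that
 * is a stream-wrapper URL, does not exist, or escapes the directory.
 * Returns the resolved absolute path, or null when the target is rejected.
 */
function jdwp_local_path(string $baseDir, string $relative): ?string
{
    // Reject scheme-prefixed targets (http://, ftp://, php://, data:, ...).
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $relative)) {
        return null;
    }
    $base   = realpath($baseDir);
    $target = realpath($baseDir . DIRECTORY_SEPARATOR . $relative);
    if ($base === false || $target === false || !is_file($target)) {
        return null;
    }
    // Containment: the resolved file must sit below the component directory.
    if (strpos($target, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $target;
}

// The thread's patch: build the path from this file's own location, which no
// request variable can influence, then include only a verified local file.
$wpConfig = jdwp_local_path(dirname(__FILE__), 'wp-config.php');
if ($wpConfig === null) {
    die('wp-config.php is missing or outside the component directory.');
}
require $wpConfig;
```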

RobS
Joomla! Ace
Posts: 1366
Joined: Mon Dec 05, 2005 10:17 am
Location: New Orleans, LA, USA

Re: JD-WordPress Vulnerability

Post by RobS » Tue Aug 01, 2006 6:59 am

Also added to the list with a link to your patch.

Vish
Joomla! Explorer
Posts: 382
Joined: Mon Aug 22, 2005 5:43 pm

Re: JD-WordPress Vulnerability

Post by Vish » Thu Aug 03, 2006 1:20 am

Marco

I must say, you have done a gr8 job with this component.
--Vish "Still Learning"

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: JD-WordPress Vulnerability

Post by Predator » Thu Aug 03, 2006 1:38 am

Vish wrote: Marco

I must say, you have done a gr8 job with this component.
Thanks Vish  8)

Will add in the next days the use of permalinks with Joomla, so JD-WP will then also have long URLs :D the way the original WP has them. It is a custom job, but I can then release the code to the community so everybody can use it ;)

cmyksteve
Joomla! Intern
Posts: 53
Joined: Sat Aug 20, 2005 5:20 am
Location: Ohio

Re: JD-WordPress Vulnerability

Post by cmyksteve » Sat Aug 05, 2006 3:00 am

RobS wrote: Also added to the list with a link to your patch.
Hi RobS,

I ran across your notice that JD-WordPress was on the Security Risk list, but I don't see the link to the patch you mention here. Please point me to it.

Thanks,
Steve

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: JD-WordPress Vulnerability

Post by Predator » Sat Aug 05, 2006 6:55 am

cmyksteve wrote:
RobS wrote: Also added to the list with a link to your patch.
Hi RobS,

I ran across your notice that JD-WordPress was on the Security Risk list, but I don't see the link to the patch you mention here. Please point me to it.

Thanks,
Steve
See the attachment in Reply #5 in this Thread ;)

duvien
Joomla! Ace
Posts: 1823
Joined: Sun Sep 18, 2005 8:28 pm
Location: Scotland

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by duvien » Thu Aug 17, 2006 12:10 pm

I've just patched JD-WP and the commenting system failed to work afterwards. But I soon realised there was a typo on line 64:

elseif ( !is_email($comment_author_email))

should have been:

elseif ( !is_wp_email($comment_author_email))

Nothing major and apart from that everything else went smoothly. Thanks for the security patch :)

P.S. I have attached the patch here to include the line above and nothing else.
Custom website design | blog | tutorials | Photography | Downloads
Freelance Web Designer/Developer: www.duvien.com

Predator
Joomla! Ace
Posts: 1823
Joined: Wed Aug 17, 2005 10:12 pm
Location: Germany-Bad Abbach

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by Predator » Thu Aug 17, 2006 12:16 pm

Oops, sorry, my fault :-[

Thanks duvien for correcting this ;)

Samleo
Joomla! Fledgling
Posts: 1
Joined: Wed Oct 24, 2007 7:19 pm

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by Samleo » Wed Oct 24, 2007 7:21 pm

Hi, where can I download JD-WordPress?
Last edited by Samleo on Wed Oct 24, 2007 7:36 pm, edited 1 time in total.

karryberry
I've been banned!
Posts: 21
Joined: Wed Dec 19, 2007 10:36 pm

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by karryberry » Thu Dec 20, 2007 4:42 pm

What plugins are you using with the WordPress app?
smile

cmyksteve
Joomla! Intern
Posts: 53
Joined: Sat Aug 20, 2005 5:20 am
Location: Ohio

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by cmyksteve » Thu Dec 20, 2007 5:19 pm

JD-WordPress is no longer supported.
But a fork of this Joomla component, called mojoBlog, can be found on Joomlify.com.

mojoBlog is still in beta, running under Joomla 1.0.13
Steve

panter011
Joomla! Enthusiast
Posts: 104
Joined: Fri Sep 02, 2005 8:45 pm
Location: Peru - The Land for All Your Senses

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by panter011 » Mon Feb 25, 2008 12:01 am

Hello, it seems that the joomlify.com site is down.
Where else can I get this mojoBlog component?
thanks
Javier

NateM
Joomla! Intern
Posts: 61
Joined: Sat Jun 02, 2007 2:48 am

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by NateM » Mon Feb 25, 2008 3:20 pm

I am also among the number of people who can't access the joomlify site. Anyone know what went down? It was fine a few days ago.

cmyksteve
Joomla! Intern
Posts: 53
Joined: Sat Aug 20, 2005 5:20 am
Location: Ohio

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by cmyksteve » Mon Feb 25, 2008 4:37 pm

NateM wrote:... Anyone know what went down? It was fine a few days ago.
I'm sure Kevin will have Joomlify.com back up soon. The datacenter was having some issues but it looked like those were being addressed last week. I don't know what this current blackout was caused by, but waiting on files directly from Joomlify.com would be the best place to get current versions of mojoBlog (beta 0.16).
Last edited by cmyksteve on Tue Feb 26, 2008 4:38 am, edited 1 time in total.

panter011
Joomla! Enthusiast
Posts: 104
Joined: Fri Sep 02, 2005 8:45 pm
Location: Peru - The Land for All Your Senses

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by panter011 » Mon Feb 25, 2008 6:34 pm

OK, hope it will be soon, thank you!
Anyway, do you know any alternative download page?
thanks
Javier

cmyksteve
Joomla! Intern
Posts: 53
Joined: Sat Aug 20, 2005 5:20 am
Location: Ohio

Re: [PATCH AVAIL.] JD-WordPress Vulnerability

Post by cmyksteve » Tue Feb 26, 2008 12:55 am

Joomlify.com is back up.
Here's a link to the current version of mojoBlog from the download area:
http://www.joomlify.com/component/optio ... Itemid,53/
