Joomla! 'com_docman' Component Multiple SQL Injection Vulner

Discussion regarding Joomla! 1.5 security issues.
Joomla! Vulnerable Extensions: http://feeds.joomla.org/JoomlaSecurityV ... Extensions

Moderator: General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
User avatar
fw116
Joomla! Ace
Joomla! Ace
Posts: 1365
Joined: Tue Sep 06, 2005 11:18 am
Location: Germany

Joomla! 'com_docman' Component Multiple SQL Injection Vulner

Postby fw116 » Mon May 16, 2011 1:42 pm

Bugtraq ID: 47857
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: May 16 2011 12:00AM
Updated: May 16 2011 12:00AM
Credit: KedAns-Dz
Vulnerable: Joomla com_docman 0

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14321
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby mandville » Mon May 16, 2011 3:57 pm

is that a docman bug ID?
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11451
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby brian » Mon May 16, 2011 4:02 pm

No its a securityfocus.com bugtraq id to a report of an alledged vuln with no version number. As docman is not yet available for 1.6 its in the wrong forum
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14321
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby mandville » Mon May 16, 2011 4:05 pm

item unpublished from jed, dev contacted, listed on vel
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11451
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby brian » Mon May 16, 2011 4:09 pm

is that the correct thing to do. it's a report in an unnamed version
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14321
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby mandville » Mon May 16, 2011 4:32 pm

That is the standard procedure as decided by both JED and VEL teams.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
Jinx
Joomla! Champion
Joomla! Champion
Posts: 6569
Joined: Fri Aug 12, 2005 12:47 am
Contact:

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby Jinx » Mon May 16, 2011 5:17 pm

The reported security issue on SecurityFocus relates to a security exploit in an older version of DOCman (1.3). It's an issue that was fixed for DOCman 1.4 and 1.5

Exploit

The actual exploit was published on PacketStorm security. This is the link to the post : http://packetstormsecurity.org/files/10 ... ction.html

The demo URL for the exploit goes to : http://www.voicilepoux.org. This site is running Mambo and not Joomla. See : http://www.voicilepoux.org/administrator/

The version of DOCman installed on this site is : 1.3.0 and dates back to September 2005. See : http://www.voicilepoux.org/administrato ... ngelog.txt

Solution

User who are still using DOCman 1.3 should immediatly upgrade to the latest 1.4.2 or 1.5.10 version.

Based on this information can I please ask to re-publish our DOCman listing as soon as possible and remove the information about the exploit from the wiki.
Johan Janssens - Joomla Co-Founder, Lead Developer of Joomla 1.5

http://www.joomlatools.com - Joomla extensions that just work

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14321
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Joomla! 'com_docman' Component Multiple SQL Injection Vu

Postby mandville » Mon May 16, 2011 5:22 pm

Thanks for the quick response, email sent , Topic closed
Thanks to Fw116 for the report
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}


Return to “Security in Joomla! 1.5”

Who is online

Users browsing this forum: No registered users and 3 guests