[PATCH AVAIL.] JD-WordPress Vulnerability
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
[PATCH AVAIL.] JD-WordPress Vulnerability
Remote file inclusion vulnerability.
JD-WordPress for Joomla is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to gain access to the underlying system.
Version 2.0-1.0 RC2 is vulnerable to these issues; prior versions may also be affected.
The developer has been notified.
Last edited by RobS on Thu Aug 10, 2006 8:15 pm, edited 1 time in total.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
- Predator
- Joomla! Ace
- Posts: 1823
- Joined: Wed Aug 17, 2005 10:12 pm
- Location: Germany-Bad Abbach
- Contact:
Re: JD-WordPress Vulnerability
Thanks Elpie, and as I told, I have problems reproducing this; maybe RobS can check this, and if so, why I have problems reproducing this. Thanks in advance.
The "Humor, Fun and Games" forum has more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team
- Joomla! Intern
- Posts: 93
- Joined: Mon Sep 19, 2005 5:28 pm
Re: JD-WordPress Vulnerability
Has there been any headway made with uncovering this vulnerability? This has me greatly concerned!
- Elpie
- Joomla! Guru
- Posts: 903
- Joined: Wed Aug 17, 2005 11:26 pm
- Contact:
Re: JD-WordPress Vulnerability
The exploits that have been published both appear to rely on register_globals being on. If you have register_globals off and are not running globals emulation 1 (globals.php in Joomla) you should be fine.
While I personally wouldn't use htaccess to block attempts, RobS's htaccess will also block any attempts to exploit JD-Wordpress.
For Mambo assistance: http://forum.mambo-foundation.org
Open Source Research & Best Practice: http://osprojects.info
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: JD-WordPress Vulnerability
Joomla!'s RG emulation is probably safe as it does a fair job of sanitizing input, but I haven't thoroughly tested it myself, just browsed through it a bit.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- Predator
- Joomla! Ace
- Posts: 1823
- Joined: Wed Aug 17, 2005 10:12 pm
- Location: Germany-Bad Abbach
- Contact:
Re: JD-WordPress Vulnerability
Well, I have tested now during the weekend locally with RG on and allow_furl on together with Joomla! 1.0.10, and also on a webhosting of a friend with RG on and allow_furl on and Joomla! 1.0.10, and could not reproduce this, but to avoid any constellation which may allow this I have made a patch where I replaced the call
require_once( $mosConfig_absolute_path .'/components/com_jd-wp/wp-config.php' );
into
require(dirname(__FILE__) . '/wp-config.php');
to be sure.
If you normally have RG off you should be safe, as even with it on I was not able to hack it with Joomla! 1.0.10.
The "Humor, Fun and Games" forum has more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team
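An added audit script, not from this thread or the JD-WordPress project, that applies the reasoning in Elpie's and Predator's posts: it scans PHP source for require/include statements whose path expression starts with a plain variable such as $mosConfig_absolute_path (which register_globals lets a request populate) and treats paths rooted in dirname(__FILE__) or __DIR__ as safe. The two sample snippets are constructed from the lines quoted in the patch above.

```python
import re
from typing import List, Tuple

# Matches require/include statements and captures the path expression.
INCLUDE_RE = re.compile(
    r'\b(require_once|require|include_once|include)\s*\(?\s*(?P<expr>[^;]+?)\s*\)?\s*;',
    re.IGNORECASE,
)
# Path expressions rooted in the including file's own directory do not
# depend on any global a request could supply under register_globals.
SAFE_PREFIXES = ("dirname(__FILE__)", "__DIR__")
VAR_RE = re.compile(r'\$[A-Za-z_]\w*')


def find_risky_includes(php_source: str) -> List[Tuple[int, str, str]]:
    """Return (line_no, variable, statement) for every include whose path
    expression begins with a plain PHP variable. With register_globals on,
    request parameters become such variables, so the include path can be
    attacker-influenced; that is the pattern the advisory describes."""
    findings = []
    for line_no, line in enumerate(php_source.splitlines(), start=1):
        m = INCLUDE_RE.search(line)
        if not m:
            continue
        expr = m.group("expr").strip()
        if expr.startswith(SAFE_PREFIXES):
            continue  # anchored to the file's own directory: not flagged
        var = VAR_RE.match(expr)
        if var:
            findings.append((line_no, var.group(0), line.strip()))
    return findings


# Constructed samples: the call before and after the patch in this thread.
VULNERABLE_SNIPPET = """<?php
require_once( $mosConfig_absolute_path .'/components/com_jd-wp/wp-config.php' );
"""
PATCHED_SNIPPET = """<?php
require(dirname(__FILE__) . '/wp-config.php');
"""

if __name__ == "__main__":
    for name, src in (("vulnerable", VULNERABLE_SNIPPET), ("patched", PATCHED_SNIPPET)):
        hits = find_risky_includes(src)
        print(f"{name}: {len(hits)} risky include(s)")
        for line_no, var, stmt in hits:
            print(f"  line {line_no}: {var} controls the include path -> {stmt}")
```

Running the script over a whole component directory (reading each .php file into find_risky_includes) gives a quick list of include statements to review before relying on register_globals being off.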
- RobS
- Joomla! Ace
- Posts: 1366
- Joined: Mon Dec 05, 2005 10:17 am
- Location: New Orleans, LA, USA
- Contact:
Re: JD-WordPress Vulnerability
Also added to the list with a link to your patch.
Rob Schley - Open Source Matters
Webimagery - http://www.webimagery.net/ - Professional Consulting Services
JXtended - http://www.jxtended.com/ - Free and Commercial Joomla! Extensions
- Vish
- Joomla! Explorer
- Posts: 382
- Joined: Mon Aug 22, 2005 5:43 pm
- Contact:
Re: JD-WordPress Vulnerability
Marco
I must say, you have done a gr8 job with this component.
--Vish "Still Learning"
- Predator
- Joomla! Ace
- Posts: 1823
- Joined: Wed Aug 17, 2005 10:12 pm
- Location: Germany-Bad Abbach
- Contact:
Re: JD-WordPress Vulnerability
Vish wrote: Marco
I must say, you have done a gr8 job with this component.
Thanks Vish. Will add the next day the use of the permalink with Joomla, so JD-WP will then also have long URLs the way the original WP has it. It is a custom job, but I can release the code then to the community so everybody can use it.
The "Humor, Fun and Games" forum has more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team
- cmyksteve
- Joomla! Intern
- Posts: 53
- Joined: Sat Aug 20, 2005 5:20 am
- Location: Ohio
- Contact:
Re: JD-WordPress Vulnerability
RobS wrote: Also added to the list with a link to your patch.
Hi RobS,
I ran across your notice that JD-WordPress was on the Security Risk list, but I don't see the link to the patch you mention here. Please point me to it.
Thanks,
Steve
- Predator
- Joomla! Ace
- Posts: 1823
- Joined: Wed Aug 17, 2005 10:12 pm
- Location: Germany-Bad Abbach
- Contact:
Re: JD-WordPress Vulnerability
cmyksteve wrote: Hi RobS,
RobS wrote: Also added to the list with a link to your patch.
I ran across your notice that JD-WordPress was on the Security Risk list, but I don't see the link to the patch you mention here. Please point me to it.
Thanks,
Steve
See the attachment in Reply #5 in this Thread
The "Humor, Fun and Games" forum has more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team
- duvien
- Joomla! Ace
- Posts: 1823
- Joined: Sun Sep 18, 2005 8:28 pm
- Location: Scotland
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
I've just patched JD-WP and the commenting system failed to work afterwards. But soon I realised there was a typo on line 64:
elseif ( !is_email($comment_author_email))
should have been:
elseif ( !is_wp_email($comment_author_email))
Nothing major and apart from that everything else went smoothly. Thanks for the security patch
P.S. I have attached the patch here to include the line above and nothing else.
Custom website design | blog | tutorials | Photography | Downloads
Freelance Web Designer/Developer: www.duvien.com
- Predator
- Joomla! Ace
- Posts: 1823
- Joined: Wed Aug 17, 2005 10:12 pm
- Location: Germany-Bad Abbach
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
Oops, sorry, my fault
Thanks duvien for correcting this
The "Humor, Fun and Games" forum has more than 2500 Posts, so why not build a "Humor, Fun and Games Working" Group?
.....
Malicious tongues say we have this WG right from the start, they call it core team
- Joomla! Fledgling
- Posts: 1
- Joined: Wed Oct 24, 2007 7:19 pm
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
Hi, where can I download JD-Wordpress?
Last edited by Samleo on Wed Oct 24, 2007 7:36 pm, edited 1 time in total.
- I've been banned!
- Posts: 21
- Joined: Wed Dec 19, 2007 10:36 pm
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
What plugins are you using with the WordPress app?
smile
- cmyksteve
- Joomla! Intern
- Posts: 53
- Joined: Sat Aug 20, 2005 5:20 am
- Location: Ohio
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
JD-WordPress is no longer supported.
But a fork of this Joomla component called mojoBlog can be found on Joomlify.com
mojoBlog is still in beta, running under Joomla 1.0.13
Steve
- panter011
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Sep 02, 2005 8:45 pm
- Location: Peru - The Land for All Your Senses
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
Hello, it seems that the joomlify.com site is down.
where else can I have this mojoblog component?
thanks
Javier
- Joomla! Intern
- Posts: 61
- Joined: Sat Jun 02, 2007 2:48 am
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
I am also among the number of people who can't access the joomlify site. Anyone know what went down? It was fine a few days ago.
- cmyksteve
- Joomla! Intern
- Posts: 53
- Joined: Sat Aug 20, 2005 5:20 am
- Location: Ohio
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
NateM wrote: ... Anyone know what went down? It was fine a few days ago.
I'm sure Kevin will have Joomlify.com back up soon. The datacenter was having some issues but it looked like those were being addressed last week. I don't know what this current blackout was caused by, but waiting on files directly from Joomlify.com would be the best place to get current versions of mojoBlog (beta 0.16).
Last edited by cmyksteve on Tue Feb 26, 2008 4:38 am, edited 1 time in total.
Steve
- panter011
- Joomla! Enthusiast
- Posts: 104
- Joined: Fri Sep 02, 2005 8:45 pm
- Location: Peru - The Land for All Your Senses
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
ok, hope it will be soon, thank you!
anyway do you know any alternative download page?
thanks
Javier
JYG
- cmyksteve
- Joomla! Intern
- Posts: 53
- Joined: Sat Aug 20, 2005 5:20 am
- Location: Ohio
- Contact:
Re: [PATCH AVAIL.] JD-WordPress Vulnerability
Joomlify.com is back up.
Here's a link to the current version of mojoBlog from the download area-
http://www.joomlify.com/component/optio ... Itemid,53/
Steve