what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 29106

Secunia Security Advisory 29106
Posted Feb 25, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 39cccfd82ccf0306ee3b2ab5eef2bbe622419bddd49cf025630b1af39fdc505a

Secunia Security Advisory 29106

Change Mirror Download


----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.

Download and test it today:
https://psi.secunia.com/

Read more about this new version:
https://psi.secunia.com/?page=changelog

----------------------------------------------------------------------

TITLE:
Joomla! "mosConfig_absolute_path" File Inclusion

SECUNIA ADVISORY ID:
SA29106

VERIFY ADVISORY:
http://secunia.com/advisories/29106/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
>From remote

SOFTWARE:
Joomla! 1.x
http://secunia.com/product/5788/

DESCRIPTION:
Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which
can be exploited by malicious people to compromise a vulnerable
system.

Input passed to the "mosConfig_absolute_path" parameter in index.php
is not properly verified before being used to include files. This can
be exploited to include arbitrary files from external resources.

Successful exploitation requires that RG_EMULATION is either switched
on or undefined.

NOTE: Both situations cause security warnings to be displayed in
Joomla!'s administration section.

The vulnerability is confirmed in Joomla! 1.0.x in versions 1.0.14
and 1.0.13. Prior versions may also be affected.

SOLUTION:
Joomla! 1.0.x:
Update to version 1.0.15.

PROVIDED AND/OR DISCOVERED BY:
Hendrik-Jan Verheij

ORIGINAL ADVISORY:
Joomla!:
http://www.joomla.org/content/view/4609/1/

Hendrik-Jan Verheij:
http://seclists.org/bugtraq/2008/Feb/0207.html

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close