Web Hosting Talk Australia


Go Back   Web Hosting Talk Australia : General Forums : General Discussion : Nasty Joomla 1.5 security issue(s)
Reply

General Discussion General discussion about web hosting and related topics.

 
Thread Tools
Old 20-08-2008, 04:14 PM   #1
brianoz
Registered User
 
brianoz's Avatar
 
Join Date: Nov 2004
Location: Melbourne
Posts: 603
Nasty Joomla 1.5 security issue(s)
Just a general warning that there are some nasty security issues with Joomla 1.5. In particular, it's possible to reset the admin password with no special attack code!!

Here's the notification from WHT:
http://www.webhostingtalk.com/showthread.php?t=714987

I'm sure there are others but this one seemed particularly nasty to me!

Here's a working and tested mod_security 1.x pattern for this and one other issue:

Code:
   # Joomla 1.5 null token password reset exploit - RM/BC 20 Aug 08
   SecFilterSelective ARG_task "confirmreset" chain
   SecFilterSelective POST_PAYLOAD "token=('|%27)"

   # Joomla 1.5 SQL injection - 20 Aug 08
   # nb: need case independence, on by default in 1.x!
   SecFilterSelective ARGS_VALUES ";.*declare%20.*exec"
The patterns may be a little general, comments appreciated!

ps: there are exploits in the wild for this one!
brianoz is offline  
View Public Profile Find all posts by brianoz Reply With Quote
Old 20-08-2008, 05:04 PM   #2
AndrewK
Registered User
Moderator
 
Join Date: May 2005
Location: Melbourne
Posts: 881
Re: Nasty Joomla 1.5 security issue(s)
Thanks brianoz, we've applied those mod_security patches

It really annoys me when popular software has major security holes in it. I'm a PHP developer and I always drilled security in to myself as the number one priority when writing applications. I can't be 100% sure but I'm quite confident that nothing I have written has glaring security holes in it, and I expect the same from developers who release software for other people to use.
AndrewK is online now  
View Public Profile Find all posts by AndrewK Reply With Quote
Old 20-08-2008, 05:20 PM   #3
brianoz
Registered User
 
brianoz's Avatar
 
Join Date: Nov 2004
Location: Melbourne
Posts: 603
Re: Nasty Joomla 1.5 security issue(s)
Especially gaping security holes like these. I'd expect better from the Joomla folks; any password changing page should be reviewed 4-5 times by different people before going live, and should double or triple check incoming data. Kind of Programming 101. And don't get me started on allowing SQL injection; that's old hat now to anyone ... even phpBB get this right these days!!!
brianoz is offline  
View Public Profile Find all posts by brianoz Reply With Quote
Old 20-08-2008, 05:42 PM   #4
WallOfPain
Registered User
 
Join Date: Jan 2008
Location: Sydney
Posts: 58
Re: Nasty Joomla 1.5 security issue(s)
Reason why I don't use Joomla, its basically another PHP Nuke.......
WallOfPain is offline  
View Public Profile Find all posts by WallOfPain Reply With Quote
Old 20-08-2008, 10:20 PM   #5
adhc
Australian Data Hosting
 
adhc's Avatar
 
Join Date: Feb 2007
Location: Melbourne
Posts: 748
Re: Nasty Joomla 1.5 security issue(s)
Quote:
Originally Posted by WallOfPain View Post
Reason why I don't use Joomla, its basically another PHP Nuke.......
What about your clients though? Can they install Joomla with or without permission?
__________________
Cheers,

Mike

I may be house trained but I still don't do windows!
adhc is offline  
View Public Profile Find all posts by adhc Reply With Quote
Old 24-08-2008, 10:43 AM   #6
Fenix
Free Hosting Provider
 
Fenix's Avatar
 
Join Date: Aug 2008
Location: Melbourne
Posts: 83
Re: Nasty Joomla 1.5 security issue(s)
Why should it matter?
Its only their Joomla installation thats at risk. It doesnt breach server security.
__________________
Fenix Web Services Free Hosting and Web Design
Fenix is offline  
View Public Profile Visit Fenix's homepage! Find all posts by Fenix Reply With Quote
Old 24-08-2008, 12:44 PM   #7
brianoz
Registered User
 
brianoz's Avatar
 
Join Date: Nov 2004
Location: Melbourne
Posts: 603
Re: Nasty Joomla 1.5 security issue(s)
Once they have control of a Joomla installation, it's only a few steps to getting full control of an account, often (for instance, if they've used their cpanel password as a database password). And from there, if the server isn't well secured, it's not hard to escalate to root.

So yes, it's important
brianoz is offline  
View Public Profile Find all posts by brianoz Reply With Quote
Old 24-08-2008, 01:05 PM   #8
Fenix
Free Hosting Provider
 
Fenix's Avatar
 
Join Date: Aug 2008
Location: Melbourne
Posts: 83
Re: Nasty Joomla 1.5 security issue(s)
IF your servers insecure, then thats a seperate issue unrelated to the joomla problem. The server should be secure, or your just inviting trouble even from your regular users, weather joomla is installed or not.

But you got a point about the database. Mind you, youd be rather stupid to use the same password for both :P
__________________
Fenix Web Services Free Hosting and Web Design
Fenix is offline  
View Public Profile Visit Fenix's homepage! Find all posts by Fenix Reply With Quote
Old 25-08-2008, 09:58 AM   #9
brianoz
Registered User
 
brianoz's Avatar
 
Join Date: Nov 2004
Location: Melbourne
Posts: 603
Re: Nasty Joomla 1.5 security issue(s)
And of course, I completely agree re the insecure server. But not all the hosters out there know how to secure a server well as I'm sure you know!

And you or I (and I'm sure all the people reading here) would never use a cpanel password for a database... but that's not the way users work!
Last edited by brianoz; 25-08-2008 at 10:09 AM.
brianoz is offline  
View Public Profile Find all posts by brianoz Reply With Quote
Old 14-11-2008, 07:55 PM   #10
HostiaWeb.Com
Registered User
 
Join Date: Nov 2008
Location: CS
Posts: 12
Re: Nasty Joomla 1.5 security issue(s)
Joomla had a lot of security issues, why dont you give mambo a try?
HostiaWeb.Com is offline  
View Public Profile Find all posts by HostiaWeb.Com Reply With Quote
Old 14-11-2008, 09:27 PM   #11
Bendweb
Registered User
 
Join Date: Feb 2008
Location: My house!
Posts: 151
Re: Nasty Joomla 1.5 security issue(s)
Quote:
Originally Posted by HostiaWeb.Com View Post
Joomla had a lot of security issues, why dont you give mambo a try?
You do realise that Joomla was Mambo to begin with, don't you?
Bendweb is offline  
View Public Profile Find all posts by Bendweb Reply With Quote
Old 14-11-2008, 09:41 PM   #12
HostiaWeb.Com
Registered User
 
Join Date: Nov 2008
Location: CS
Posts: 12
Re: Nasty Joomla 1.5 security issue(s)
Quote:
Originally Posted by Bendweb View Post
You do realise that Joomla was Mambo to begin with, don't you?
No, i thought they are two completely different Content management Systems.
__________________
HostiaWeb.Com
High-End Shared & Reseller Web Hosting Services!
HostiaWeb.Com is offline  
View Public Profile Find all posts by HostiaWeb.Com Reply With Quote
Old 15-11-2008, 06:41 PM   #13
WallOfPain
Registered User
 
Join Date: Jan 2008
Location: Sydney
Posts: 58
Re: Nasty Joomla 1.5 security issue(s)
Joomla starting to turn into a PHP Nuke with all the exploit problems.
WallOfPain is offline  
View Public Profile Find all posts by WallOfPain Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:

Similar Threads
Thread Thread Starter Forum Replies Last Post
Joomla problems with pictures MooPoo Programming and Web Development 2 13-07-2008 09:21 AM
Security attack default.asp - IIS security hole? webwhiz Technical Support 10 09-07-2008 09:10 PM
Strange DNS (named) issues -'RRset exists (value dependent)' dane Technical Support 3 30-04-2008 09:34 PM
Issues with webcity's mail servers Delartful Technical Support 1 09-03-2008 10:45 AM



 

iNET Interactive

Copyright © 2008 iNET Interactive.
All rights reserved. Network status