Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Nov 2010 22:48:16 +0200
From: Henri Salo <henri@...v.fi>
To: "oss-security" <oss-security@...ts.openwall.com>
Subject: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Can I get CVE-identifier for this issue?

"Multiple vulnerabilities have been discovered in Joomla, which can be
exploited by malicious people to conduct SQL injection attacks.

Input passed via the "filter_order" and "filter_order_Dir" parameters
to index.php (e.g. when "option" is set to "com_weblinks",
"com_contact", or "com_messages") is not properly verified before being
used in a SQL query. This can be exploited to manipulate SQL queries by
injecting limited SQL code, which may result in e.g. information 
disclosure via database errors."

Vulnerable versions: 1.5.21 and all previous 1.5 releases
Solution: Update to 1.5.22 (or later)

Referers:
http://secunia.com/advisories/42133
http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0514.html

Best regards,
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkzdqBAACgkQXf6hBi6kbk8lFACgmpIFET/szRnKRNpVO0COQuFd
pXcAoMwVjrf3/8PzOIOBuWkxMBW9lodS
=AgJf
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ