20.06.2006, 07:27, #1: theprincy (Elite Mamber; Join Date: Apr 2004; Location: Paestum (SA) ITALY; Posts: 2,326)

Mambo/Joomla : A SQL injection vulnerability com_weblink

Mambo solution:

A SQL injection vulnerability has been identified in Mambo versions <= 4.6RC1. Meaning that current production version 4.5.4 as well as recent versions 4.5.3h, 4.5.3, and 4.5.2.3 are at risk. The quickest way to plug this hole is to open /components/com_weblinks/weblinks.php and add the following two lines at line 250.

PHP Code:
$row->title = $database->getEscaped($row->title);
$row->catid = $database->getEscaped($row->catid);


We recommend you patch this as soon as possible. For those not comfortable with editing the files manually we will get some patches up on "The Source" soon.

For those who do not understand English

A SQL injection vulnerability has been found; the Mambo versions with this problem are: 4.6RC1, 4.5.4, 4.5.3h, 4.5.3, and 4.5.2.3

Open the file /components/com_weblinks/weblinks.php and add these two lines after line 250.

PHP Code:
$row->title = $database->getEscaped($row->title);
$row->catid = $database->getEscaped($row->catid);


It is recommended to do this as soon as possible; the patch will be available very soon for those who do not feel like editing the files.


Joomla solution:

open /components/com_weblinks/weblinks.php, find:
PHP Code:
/**
* Saves the record on an edit form submit
* @param database A database connector object
*/
function saveWeblink( $option ) {
    global $mosConfig_mailfrom, $mosConfig_fromname;
    global $database, $my;

    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }


replace it with:
PHP Code:
/**
* Saves the record on an edit form submit
* @param database A database connector object
*/
function saveWeblink( $option ) {
    global $mosConfig_mailfrom, $mosConfig_fromname;
    global $database, $my;

    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    // security check to see if link exists in a menu
    $link = 'index.php?option=com_weblinks&task=new';
    $query = "SELECT id"
    . "\n FROM #__menu"
    . "\n WHERE link LIKE '%$link%'"
    . "\n AND published = 1"
    ;
    $database->setQuery( $query );
    $exists = $database->loadResult();
    if ( !$exists ) {
        mosNotAuth();
        return;
    }


Information on the problem can be found at the following links

joomla : http://www.milw0rm.com/exploits/1922
mambo : http://www.milw0rm.com/exploits/1920

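The two `getEscaped()` lines from the Mambo advisory only make sense once you see what an unescaped form field does to the query that `saveWeblink()` later builds. The block below is an added illustration, not code from Mambo, Joomla or the poster: `FakeDatabase::getEscaped()` is a stand-in built on `addslashes()` because no database is available, and `buildOrderingQuery()` / `buildUnquoted()` are hypothetical query shapes chosen to show the effect, not the real statements in weblinks.php. It also goes one step beyond the page with a caveat the patch does not state: escaping protects a quoted literal only, so a numeric field such as `catid` that is interpolated unquoted needs a cast rather than escaping.

```php
<?php
// Added example (not Mambo/Joomla project code): effect of the advisory's
// getEscaped() lines on a query built from form-bound fields, plus the
// quoted-vs-unquoted caveat. All names below are assumptions for the demo.

class FakeDatabase {
    // Stand-in for Mambo's $database->getEscaped(): escapes quotes and
    // backslashes so a value cannot close a single-quoted SQL literal.
    public function getEscaped($text) {
        return addslashes($text);
    }
}

// Hypothetical query shape: fields interpolated into quoted literals.
function buildOrderingQuery($catid, $title) {
    return "SELECT MAX(ordering) FROM #__weblinks"
         . " WHERE catid = '$catid' AND title <> '$title'";
}

// Hypothetical query shape: numeric column interpolated without quotes.
function buildUnquoted($catid) {
    return "SELECT MAX(ordering) FROM #__weblinks WHERE catid = $catid";
}

// Apply the advisory's two lines to a mosDBTable-style row object and
// return both the query built before and the one built after escaping.
function compareQueries(FakeDatabase $database, $row) {
    $before = buildOrderingQuery($row->catid, $row->title);

    // The two lines the advisory tells you to add before the query is built.
    $row->title = $database->getEscaped($row->title);
    $row->catid = $database->getEscaped($row->catid);

    $after = buildOrderingQuery($row->catid, $row->title);
    return array('before' => $before, 'after' => $after);
}

$database = new FakeDatabase();

// Constructed attacker input, as if it arrived via $_POST and bind():
// the single quote closes the catid literal and the rest rewrites the WHERE.
$row = new stdClass();
$row->catid = "1' OR '1'='1";
$row->title = "x";

$result = compareQueries($database, $row);
echo "unescaped: " . $result['before'] . "\n";
// catid = '1' OR '1'='1' ... the injected OR is now part of the statement
echo "escaped:   " . $result['after'] . "\n";
// catid = '1\' OR \'1\'=\'1' ... the whole payload stays inside one literal

// Caveat: getEscaped() does nothing for a payload with no quotes in it,
// so it cannot protect a column that is interpolated unquoted.
$numericPayload = "1 OR 1=1";
echo "escaped, unquoted: " . buildUnquoted($database->getEscaped($numericPayload)) . "\n";
// still "catid = 1 OR 1=1": injected

// For numeric fields, cast instead of (or in addition to) escaping.
echo "cast, unquoted:    " . buildUnquoted(intval($numericPayload)) . "\n";
// "catid = 1": the payload is reduced to its leading integer
```

Run it with `php example.php`; the four printed statements show the quote-escaped payload neutralised in the quoted query and the cast, not the escaping, neutralising it in the unquoted one. When applying the advisory's fix to your own install, check how `catid` is used in the statements that follow line 250: if it appears unquoted, add an `intval()` cast alongside `getEscaped()`.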
20.06.2006, 08:57, #2: theprincy (Elite Mamber; Join Date: Apr 2004; Location: Paestum (SA) ITALY; Posts: 2,326)

Re: Mambo/Joomla : A SQL injection vulnerability com_weblink

The patches are available on The Source site; you can find them at this address