Joomla! News

Joomla! 1.5.20 Released

The Joomla! Project has announced the urgent release of Joomla 1.5.20 [senu takaa]. This version fixes a security problem in the Joomla 1.5.19 package; we recommend that all users update immediately.

The goal of the Development Working Group is to support the needs of Joomla users everywhere.

Joomla redSHOP Component "keyword" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA40640

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/40640/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=40640

RELEASE DATE:
2010-07-17
DESCRIPTION:
Salvatore Fresta has discovered a vulnerability in the redSHOP
component for Joomla, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed via the "keyword" parameter to index.php (when "option"
is set to "com_redshop" and "view" is set to "search") is not
properly sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version Light 1.0 RC2 and reported
in version 1.0.23.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Salvatore Fresta aka Drosophila

ORIGINAL ADVISORY:
Salvatore Fresta:
http://adv.salvatorefresta.net/RedShop_1.0.23.1_Joomla_Component_Blind_SQL_Injection_Vulnerability-14072010.txt


Joomla Cross-Site Scripting and SQL Injection Vulnerabilities

SECUNIA ADVISORY ID:
SA40644

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/40644/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=40644

RELEASE DATE:
2010-07-16
DESCRIPTION:
Multiple vulnerabilities have been reported in Joomla, which can be
exploited by malicious users to conduct SQL injection attacks and by
malicious people to conduct cross-site scripting attacks.

1) Input passed via unspecified parameters is not properly sanitised
before being used in a SQL query. This can be exploited to manipulate
SQL queries and disclose internal path information via SQL error
messages.

Successful exploitation requires "Back-end" permissions.

2) Input passed to unspecified parameters in the administrative
section is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.

3) Input passed to unspecified parameters in the administrative
section is not properly sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.

The vulnerabilities are reported in versions prior to 1.5.19.

SOLUTION:
Update to version 1.5.19 or later.

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Andy Gorges.
2) The vendor credits Jose Antonio Vazquez Gonzalez.
3) The vendor credits oCERT.

ORIGINAL ADVISORY:
http://developer.joomla.org/security/news/315-20100701-core-sql-injection-internal-path-exposure.html
http://developer.joomla.org/security/news/316-20100702-core-xss-vulnerabillitis-in-back-end.html
http://developer.joomla.org/security/news/317-20100703-core-xss-vulnerabillitis-in-back-end.html
http://developer.joomla.org/security/news/318-20100704-core-xss-vulnerabillitis-in-back-end.html


Joomla! 1.5.19 Released

The Joomla! Project has announced the urgent release of Joomla 1.5.19 [Wojmamni ama batani]. This version is a security fix.

The Development Working Group continues to work hard and steadily for Joomla users everywhere.

Joomla SocialAds Component "addata[][ad_body]" Script Insertion

SECUNIA ADVISORY ID:
SA40565

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/40565/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=40565

RELEASE DATE:
2010-07-14
DESCRIPTION:
A vulnerability has been reported in the SocialAds component for
Joomla, which can be exploited by malicious users to conduct script
insertion attacks.

Input passed via the "addata[][ad_body]" parameter to index.php (when
"option" is set to "com_socialads", "view" is set to "buildad", and
"Itemid" is set to a valid value) when creating an advertisement is
not properly sanitised before being used. This can be exploited to
insert arbitrary HTML and script code, which will be executed in a
user's browser session in context of an affected site when the
malicious data is being viewed.

The vulnerability is reported in versions prior to 1.0.1.

SOLUTION:
Update to version 1.0.1.

PROVIDED AND/OR DISCOVERED BY:
Sid3^effects
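The script-insertion defect above comes from storing a nested request value ("addata[][ad_body]") without filtering it and later echoing it into a page. The following is an added example for a Joomla 1.5 component form; it is not SocialAds code. It assumes the Joomla 1.5 framework classes JRequest and JFilterInput are loaded; the class name and the storage step are hypothetical, and only the parameter layout follows the advisory.

```php
<?php
// Added example, not SocialAds code. Assumes the Joomla 1.5 classes
// JRequest and JFilterInput are loaded by the framework; the class name
// is hypothetical. The parameter layout addata[][ad_body] follows the
// advisory above.
defined('_JEXEC') or die('Restricted access');

class HypotheticalAdForm
{
    // Vulnerable pattern: the nested element is read and stored as-is, with
    // no filtering of its own. When the ad is later echoed into a page,
    // any <script> or on* event-handler markup in it runs in the viewer's
    // browser session, which is the defect the advisory describes.
    public static function readBodyUnsafe()
    {
        $addata = JRequest::getVar('addata', array(), 'post', 'array');
        return isset($addata[0]['ad_body']) ? (string) $addata[0]['ad_body'] : '';
    }

    // Hardened input side: pull the nested element out and run that string
    // through JFilterInput explicitly, rather than relying on the
    // request-level filter to reach into nested arrays. The default
    // instance removes all tags; if limited formatting is wanted, build an
    // instance with an explicit tag allow-list instead.
    public static function readBodySafe()
    {
        $addata = JRequest::getVar('addata', array(), 'post', 'array');
        $raw    = isset($addata[0]['ad_body']) ? (string) $addata[0]['ad_body'] : '';
        $filter = JFilterInput::getInstance();
        return $filter->clean($raw, 'string');
    }

    // Hardened output side: escape on render as well, so that anything
    // stored before the fix (or stored through another code path) is shown
    // as text instead of being interpreted as markup.
    public static function renderAsText($body)
    {
        return htmlspecialchars($body, ENT_QUOTES, 'UTF-8');
    }
}
```

Filtering on input and escaping on output are independent controls; applying both means a record that slipped past input filtering (for example one written before 1.0.1) is still rendered harmlessly.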

Joomla InstantPhp Jobs Component "detailed_results" SQL Injection

SECUNIA ADVISORY ID:
SA40559

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/40559/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=40559

RELEASE DATE:
2010-07-14
DESCRIPTION:
A vulnerability has been reported in the InstantPhp Jobs component
for Joomla, which can be exploited by malicious people to conduct SQL
injection attacks.

Input passed via the "detailed_results" parameter to index.php (when
"option" is set to "com_jobs", "task" is set to "search_jobs", and
"search_word" is set to any value) is not properly sanitised before
being used in a SQL query. This can be exploited to manipulate SQL
queries by injecting arbitrary SQL code.

The vulnerability is reported in version 1.3.2. Other versions may
also be affected.

SOLUTION:
Update to version 1.3.3.

PROVIDED AND/OR DISCOVERED BY:
Sid3^effects
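Both the redSHOP "keyword" advisory and the InstantPhp Jobs "detailed_results" advisory above describe the same defect: a request parameter spliced into a SQL string without escaping. The following is an added example for a Joomla 1.5 component search model; it is not redSHOP or InstantPhp Jobs code. It assumes the Joomla 1.5 framework classes JRequest, JFactory and JDatabase are loaded; the table, column and class names are hypothetical.

```php
<?php
// Added example, not redSHOP or InstantPhp Jobs code. Assumes the Joomla 1.5
// classes JRequest, JFactory and JDatabase are loaded by the framework; the
// table, columns and class name are hypothetical.
defined('_JEXEC') or die('Restricted access');

class HypotheticalSearchModel
{
    // Vulnerable pattern: the raw request value is concatenated into the
    // query text. A quote character in the value closes the string literal
    // and the remainder is parsed as SQL, which is the defect the advisories
    // above describe. JREQUEST_ALLOWRAW disables even the default filter.
    public static function searchUnsafe()
    {
        $db      = &JFactory::getDBO();
        $keyword = JRequest::getVar('keyword', '', 'request', 'none', JREQUEST_ALLOWRAW);
        $query   = "SELECT id, name FROM #__hypothetical_items"
                 . " WHERE name LIKE '%" . $keyword . "%'";
        $db->setQuery($query);
        return $db->loadObjectList();
    }

    // Hardened pattern: cast or filter each parameter to the type the query
    // expects, then let the database layer escape the string before it is
    // placed inside the literal.
    public static function searchSafe()
    {
        $db      = &JFactory::getDBO();
        $keyword = JRequest::getString('keyword', '');   // plain string, tags removed
        $limit   = JRequest::getInt('limit', 20);        // integer, never a raw string

        // getEscaped() escapes quote and backslash characters; its second
        // argument additionally escapes the LIKE wildcards % and _ so the
        // caller cannot widen the pattern. Quote(..., false) then wraps the
        // already-escaped text in quotes without escaping it a second time.
        $pattern = $db->Quote('%' . $db->getEscaped($keyword, true) . '%', false);

        $query = 'SELECT id, name FROM #__hypothetical_items'
               . ' WHERE name LIKE ' . $pattern
               . ' LIMIT ' . (int) $limit;
        $db->setQuery($query);
        return $db->loadObjectList();
    }
}
```

The "edit the source code to ensure that input is properly sanitised" advice in the redSHOP advisory amounts to the second method: every value that reaches the query text is either cast to a number or passed through the driver's escaping, never interpolated directly.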
