BID:31103

Joomla! Multiple Remote Vulnerabilites and Weaknesses

Info

Joomla! Multiple Remote Vulnerabilites and Weaknesses

Bugtraq ID:	31103
Class:	Unknown
CVE:	CVE-2007-0373
Remote:	Yes
Local:	No
Published:	Sep 10 2008 12:00AM
Updated:	Sep 11 2008 11:20PM
Credit:	Stefan Esser, Andrew Eddie, Phil Taylor
Vulnerable:	Joomla Joomla 1.5.6 Joomla Joomla 1.5.5 Joomla Joomla 1.5.4 Joomla Joomla 1.5.3 Joomla Joomla 1.5.2 Joomla Joomla 1.5.1 Joomla Joomla 1.5 Joomla Joomla 1.5.0 Beta

Not Vulnerable:	Joomla Joomla 1.5.7

Discussion

Joomla! Multiple Remote Vulnerabilites and Weaknesses

Joomla! CMS is prone to multiple remote vulnerabilities and a weakness, including:

- An RNG (random number generator) weakness.
- A security vulnerability that may allow attackers to send unsolicited spam email.
- A URL-redirection vulnerability.
- An input-validation vulnerability.

Remote attackers can exploit these issues to send unsolicited spam email, redirect victims to attacker-controlled sites, and conduct phishing attacks. Attackers can also exploit the RNG weakness to aid in brute-force attacks. Other attacks are also possible.

Versions prior to Joomla! 1.5.7 are vulnerable.

Exploit / POC

Joomla! Multiple Remote Vulnerabilites and Weaknesses

Attackers can exploit these issues via a browser. To exploit some of these issues, an attacker must entice an unsuspecting victim to follow a malicious URI.

Solution / Fix

Joomla! Multiple Remote Vulnerabilites and Weaknesses

Solution:
The vendor has released an update. Please see the references for more information.

Joomla Joomla 1.5.0 Beta