oss-sec mailing list archives

CVE request: Joomla unauthorised uploads before 2.5.14 / 3.1.5


From: Hanno Böck <hanno () hboeck de>
Date: Sat, 24 Aug 2013 14:48:13 +0200

Joomla 2.5.14 and 3.1.5 releases fix a security issue:
http://developer.joomla.org/security/563-20130801-core-unauthorised-uploads.html?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+JoomlaSecurityNews+%28Joomla%21+Security+News%29
It says "CVE Number: Pending"; maybe they already requested a CVE
themselves.

Code commit 2.5:
https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8
Code commit 3.1:
https://github.com/joomla/joomla-cms/commit/1ed07e257a2c0794ba19e864f7c5101e7e8c41d2

Issue also exists in 1.5 (end of life):
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31626

Exploit in the wild:
https://github.com/rapid7/metasploit-framework/pull/2219
http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42

