Cybersecurity threats 2015: a security update that fixed five vulnerabilities in Joomla!

Posted: October 24, 2015 in Vulnerability News


Five vulnerabilities in the content management system Joomla!

These flaws allow a remote user to elevate privileges on the system by exploiting SQL injection. One of the vulnerabilities in Joomla! allows an attacker to gain administrator rights.

The developers of the popular content management system Joomla! have released a security update that fixes five vulnerabilities. One of the flaws allows an attacker to remotely elevate privileges via SQL injection and obtain administrator rights on most web sites running Joomla!.

The remotely exploitable privilege elevation vulnerability was discovered by Trustwave’s Asaf Orpani and PerimeterX’s Netanel Rubin. In the Trustwave blog, Orpani published details of the flaw and said that the vulnerability can also affect sites running the VirtueMart platform, because it is built on a vulnerable version of the Joomla core.

“Since the breach was discovered in the kernel module (which does not require add-ons), all web sites based on Joomla 3.2 and later versions are vulnerable to attack. In this regard, all of the resources under the control of VirtueMart can also be compromised,” said the expert.

The other two vulnerabilities are fairly common access control mistakes. Exploiting them may allow remote attackers to disclose sensitive data.

Five vulnerabilities in Joomla!

Severity: High
Fix available: Yes
Number of vulnerabilities: 5

CVE ID:

  • CVE-2015-7297
  • CVE-2015-7857
  • CVE-2015-7858
  • CVE-2015-7859
  • CVE-2015-7899

Attack vector: Remote

Impact:

  • Disclosure of sensitive data
  • Privilege escalation

Affected Products: Joomla! 3.x
Affected versions: Joomla 3.0.0 through 3.4.4
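
As an added triage aid (not part of the original post), the following Python snippet checks whether a Joomla! version string falls inside the affected range published above. It assumes the Joomla 3.x version file declares the release as `RELEASE` and `DEV_LEVEL` values; the sample file contents are constructed, not taken from a real install.

```python
import re

# Affected range exactly as published in this advisory (3.0.0 through 3.4.4).
AFFECTED_MIN = (3, 0, 0)
AFFECTED_MAX = (3, 4, 4)

ADVISORY_CVES = ["CVE-2015-7297", "CVE-2015-7857", "CVE-2015-7858",
                 "CVE-2015-7859", "CVE-2015-7899"]


def parse_version(text):
    """Turn a dotted version string such as '3.4.4' into a comparable tuple.

    Tuples compare numerically, so (3, 10, 0) > (3, 4, 4); a plain string
    comparison would get this wrong ('3.10.0' < '3.4.4').
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError("unrecognised version string: %r" % text)
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))  # pad '3.4' to (3, 4, 0)


def version_from_version_php(source):
    """Extract the release from a Joomla 3.x version.php.

    Assumption: the file carries RELEASE ('3.4') and DEV_LEVEL ('4') either as
    public properties or as constants; both spellings are accepted here.
    """
    release = re.search(r"(?:public|const)\s+\$?RELEASE\s*=\s*'([\d.]+)'", source)
    dev = re.search(r"(?:public|const)\s+\$?DEV_LEVEL\s*=\s*'(\d+)'", source)
    if not release or not dev:
        raise ValueError("could not find RELEASE/DEV_LEVEL in version file")
    return "%s.%s" % (release.group(1), dev.group(1))


def is_affected(version_text):
    """True if the version lies inside the advisory's affected range."""
    return AFFECTED_MIN <= parse_version(version_text) <= AFFECTED_MAX


# Constructed sample of a version file (illustrative, not from a real site).
SAMPLE_VERSION_PHP = """<?php
class JVersion
{
    public $RELEASE = '3.4';
    public $DEV_LEVEL = '4';
}
"""

if __name__ == "__main__":
    v = version_from_version_php(SAMPLE_VERSION_PHP)
    status = ", ".join(ADVISORY_CVES) if is_affected(v) else "none of the listed CVEs"
    print("Joomla %s: affected by %s" % (v, status))
```

Point the parser at the installed version file to get a quick yes/no before scheduling the update.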

Description:

The vulnerabilities allow a remote user to elevate privileges and disclose sensitive data.

[Critical SQL injection: CVE-2015-7297, CVE-2015-7857, CVE-2015-7858] These vulnerabilities are caused by insufficient sanitisation of input data before it is used in database queries. A remote user can make arbitrary changes to the database via a specially crafted SQL query.

[CVE-2015-7859, CVE-2015-7899] These vulnerabilities are caused by insufficient input validation. A remote user can disclose sensitive data.


Solution: Install the update from the vendor.

Vendor URL: http://joomla.org

Joomla! – Security Centre: http://developer.joomla.org/security-centre.html
