[VIM] False: JEvents1.4.1 For Joomla Remote File Include Vulnerability
str0ke
str0ke at milw0rm.com
Fri Jun 8 18:09:00 UTC 2007
Wow thats strange. Redownloaded the tar and thats not what I saw
before. Rechecking.
/str0ke
On 6/8/07, George A. Theall <theall at tenablesecurity.com> wrote:
> Milw0rm 4048 seems bogus to me. I grabbed the code from
> http://joomlacode.org/gf/download/frsrelease/502/11101/com_events_1.4.1.zip,
> which Blu3H47 claims is affected. The affected file starts:
>
> ---- snip, snip, snip ----
> <?php
> /**
> * Events Component for Joomla 1.0.x
> *
> * @version $Id: comutils.php 295 2006-12-06 09:20:53Z geraint $
> * @package Events
> * @copyright Copyright (C) 2006 JEvents Project Group
> * @licence http://www.gnu.org/copyleft/gpl.html
> * @link http://forge.joomla.org/sf/projects/jevents
> */
>
> /*
> loads all required classes and file to support Events Component (Frontend)
> */
>
> global $mainframe;
>
> // first load config class
> require_once(mosMainFrame::getBasePath('admin') .
> 'components/com_events/lib/config.php');
>
> ---- snip, snip, snip ----
>
> Notice the version info here is the same as what Blu3H47 reports but the
> require_once() function can not be abused by an attacker. The date on
> 'includes/comutils.php' in the ZIP file is 12-06-06 so it doesn't seem
> like the case of a quick fix after the vuln was announced. So what gives?
>
>
>
> George
> --
> theall at tenablesecurity.com
>
More information about the VIM
mailing list