[VIM] False: JEvents1.4.1 For Joomla Remote File Include Vulnerability

str0ke str0ke at milw0rm.com
Fri Jun 8 18:09:00 UTC 2007


Wow thats strange.  Redownloaded the tar and thats not what I saw
before.  Rechecking.

/str0ke

On 6/8/07, George A. Theall <theall at tenablesecurity.com> wrote:
> Milw0rm 4048 seems bogus to me. I grabbed the code from
> http://joomlacode.org/gf/download/frsrelease/502/11101/com_events_1.4.1.zip,
> which Blu3H47 claims is affected. The affected file starts:
>
>                        ---- snip, snip, snip ----
> <?php
> /**
>   * Events Component for Joomla 1.0.x
>   *
>   * @version     $Id: comutils.php 295 2006-12-06 09:20:53Z geraint $
>   * @package     Events
>   * @copyright   Copyright (C) 2006 JEvents Project Group
>   * @licence     http://www.gnu.org/copyleft/gpl.html
>   * @link        http://forge.joomla.org/sf/projects/jevents
>   */
>
> /*
>   loads all required classes and file to support Events Component (Frontend)
> */
>
> global $mainframe;
>
> // first load config class
> require_once(mosMainFrame::getBasePath('admin') .
> 'components/com_events/lib/config.php');
>
>                        ---- snip, snip, snip ----
>
> Notice the version info here is the same as what Blu3H47 reports but the
> require_once() function can not be abused by an attacker. The date on
> 'includes/comutils.php' in the ZIP file is 12-06-06 so it doesn't seem
> like the case of a quick fix after the vuln was announced. So what gives?
>
>
>
> George
> --
> theall at tenablesecurity.com
>


More information about the VIM mailing list