Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Joomla user password reset vulnerability being actively exploited SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Joomla user password reset vulnerability being actively exploited

We've received reports from several readers (thanx, Ronaldo and anonymous) that they have seen successful exploitation of the Joomla user password reset vulnerability announced on 12 Aug (with an exploit posted to milw0rm at about the same time).  If you have not yet upgraded to 1.5.6, do so ASAP

 

References:

http://developer.joomla.org/security/news/241-20080801-core-password-remind-functionality.html

http://www.us-cert.gov/current/index.html#joomla_password_reset_vulnerability

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3681

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Baltimore Fall 2020

Jim

416 Posts
ISC Handler
Aug 15th 2008

Sign Up for Free or Log In to start participating in the conversation!