
Just Share For All People in The World to Increase Knowledge :D
[+] Post Title : Joomla <=2.5.8,<=3.0.2 remote tcp connections opener

[+] Date : Sunday 19 May 2013
[+] Author : Unknown
[+] Link : http://top-ten-sec.blogspot.com/2013/05/joomla-258302-remote-tcp-connections.html
[+] Type :
Descriptions : 
The Joomla core plugin 'highlight' unserializes untrusted input. The plugin is enabled by default in a standard Joomla installation. 
This proof-of-concept exploit uses the Joomla JStream class to make the target open remote TCP connections to a custom address, so multiple vulnerable Joomla instances can be used for DDoS attacks. (The JStream class can also be used to execute chmod on any file with any mode.)



Solution : Upgrade to latest version or disable highlight plugin.
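
For sites that cannot be upgraded immediately, web server logs can be checked for request parameters that carry PHP serialized objects. The following is an added example, not part of the original post or of Joomla's code. It assumes combined-format access logs with the payload in the query string, that the value may be base64-encoded, and a sample parameter named `highlight`; the log lines are constructed.

```python
import base64
import binascii
import re
from urllib.parse import parse_qsl, quote, urlsplit

# PHP serialize() object markers: O:<len>:"Class":<n>:{ and C:<len>:"Class":<n>:{
OBJECT_MARKER = re.compile(rb'(?:^|[;{])[OC]:\d+:"([A-Za-z_\\][\w\\]*)":\d+:\{')
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decodings(value):
    """Yield the raw bytes and, when it parses as base64, the decoded bytes."""
    raw = value.encode("utf-8", "replace")
    yield raw
    candidate = raw.replace(b" ", b"+")  # a literal '+' in a query arrives as a space
    try:
        yield base64.b64decode(candidate + b"=" * (-len(candidate) % 4), validate=True)
    except (binascii.Error, ValueError):
        pass

def serialized_classes(value):
    """Return the class names of PHP serialized objects found in one value."""
    return [name.decode() for blob in decodings(value)
            for name in OBJECT_MARKER.findall(blob)]

def scan(log_lines):
    """Return (line_number, parameter, classes) for each suspicious parameter."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            classes = serialized_classes(value)
            if classes:
                hits.append((number, name, classes))
    return hits

def _param(serialized):
    """Encode a constructed sample value as base64, then URL-encode it."""
    return quote(base64.b64encode(serialized).decode(), safe="")

# Constructed access-log lines; the 'highlight' parameter name is an assumption.
_LINE = '203.0.113.7 - - [19/May/2013:10:00:00 +0000] "GET /index.php?%s HTTP/1.1" 200 512'
SAMPLE_LOG = [
    _LINE % ("highlight=" + _param(b'a:1:{i:0;s:6:"joomla";}')),  # array of strings
    _LINE % ("highlight=" + _param(b'O:7:"JStream":0:{}')),       # object marker only
    _LINE % "option=com_content&view=article",
]
```

A serialized array of strings is not flagged; only values that contain an object marker are reported, together with the class name, so a hit naming JStream can be triaged first.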

Sources : here
