Portal Home > Knowledgebase > Articles Database > Joomla 1.5 Urgent Security Release
Joomla 1.5 Urgent Security Release
Posted by xyzulu, 08-12-2008, 07:16 PM |
Please see: http://developer.joomla.org/security...tionality.html
Thanks for your attention to this, and helping to get the word out to your Joomla clients.
Note, this only affects Joomla 1.5.x and not Joomla 1.0.x
|
Posted by brianoz, 08-20-2008, 01:00 AM |
This is probably the worst security bug I've seen for a long time!
A working mod_security rule for this is:
Joomla team - if you find exploits like this, please release mod_security patterns with the advisory; for the sake of your name as well as our sanity!
We've tested this and it prevents the exploit (there is a working exploit in the wild as I write).
|
Posted by brianoz, 08-20-2008, 03:00 AM |
ps: This is a mod_security 1.x rule, it should be trivial to convert to current mod_security syntax...
|
Posted by bloodyman, 08-20-2008, 06:59 AM |
Thanks for sharing mod_sec 1.x rule to prevent this kind of attack
|
Posted by CoderJosh, 08-20-2008, 10:01 AM |
It would be even better though if Joomla wouldn't have security issues that often...
|
Add to Favourites Print this Article
Also Read
2 game sites (Views: 685)