My next class:
Reverse-Engineering Malware: Malware Analysis Tools and TechniquesOnline | Australia Eastern Standard TimeSep 16th - Sep 21st 2024

Joomla user password reset vulnerability being actively exploited

Published: 2008-08-15. Last Updated: 2008-08-15 18:25:26 UTC
by Jim Clausing (Version: 1)
0 comment(s)

We've received reports from several readers (thanx, Ronaldo and anonymous) that they have seen successful exploitation of the Joomla user password reset vulnerability announced on 12 Aug (with an exploit posted to milw0rm at about the same time).  If you have not yet upgraded to 1.5.6, do so ASAP

 

References:

http://developer.joomla.org/security/news/241-20080801-core-password-remind-functionality.html

http://www.us-cert.gov/current/index.html#joomla_password_reset_vulnerability

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3681

Keywords: joomla
0 comment(s)
My next class:
Reverse-Engineering Malware: Malware Analysis Tools and TechniquesOnline | Australia Eastern Standard TimeSep 16th - Sep 21st 2024

Comments


Diary Archives