01Oct2008 (UTC +8)

A bank that we pentested recently had the input field for the token vulnerable to MySQL injection attacks. The fix they did was to do a better job at input sanitation.

On 11/1/08, Philip Morales <[EMAIL PROTECTED]> wrote:
>
> Hi Pluggers,
>
> I received the following about a "Joomla Password Remind Functionality - Exploit" attack:
>
> ---------------------------
> There have been several (successful) hack attempts in the past 48 hours from your network;
> below you will find a small overview of the different IP addresses and the timestamps they were used.
> At the end of this message you will find the complete http log file entries which prove this is a
> full "[20080801] - Core - Password Remind Functionality - Exploit" attack.
>
> 89.108.36.198 - - [30/Oct/2008:06:02:10 +0100]
> 89.108.31.218 - - [31/Oct/2008:00:37:13 +0100]
>
> Please take appropriate actions.
> ---------------------------
>
> Our Linux server was hacked due to insecure software hosted by one of our customers;
> normally this should only affect the website of the customer itself - not the entire server -
> but since this has happened in the past days we decided to lock down customers' websites and
> force them to update their software for this particular vulnerability.
>
> http://developer.joomla.org/security/news/35-core-security/241-20080801-core-password-remind-functionality.html
>
> The vulnerability exists in all versions prior to 12-08-2008.
>
> Do you know any additional fix I can do?
>
> Thanks.

Drexx Laggui -- CISA, CISSP, CFE Associate, ISO27001 LA, CCSI, CSA
http://www.laggui.com ( Singapore / Manila / California )
Computer forensics; Penetration testing; QMS & ISMS developers; K-Transfer
PGP fingerprint = 6E62 A089 E3EA 1B93 BFB4 8363 FFEC 3976 FF31 8A4E
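The "better input sanitation" fix mentioned above, as an added example that is not part of the original post or of Joomla's code: the reset token is checked against a strict allow-list pattern before it is used, and the lookup binds it as a query parameter instead of concatenating it into SQL. The 32-hex-character token shape, the table layout and the use of sqlite as a stand-in for MySQL are assumptions made for this example.

```python
import re
import sqlite3

# Assumed token format for this example: exactly 32 lowercase hex characters.
# Anything else (quotes, spaces, comment markers, wrong length) is rejected up front.
TOKEN_RE = re.compile(r"[0-9a-f]{32}")


def is_valid_token(token) -> bool:
    """Allow-list check on the token shape; fullmatch rejects trailing newlines too."""
    return isinstance(token, str) and TOKEN_RE.fullmatch(token) is not None


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table (sqlite here, standing in for MySQL)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, activation TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (email, activation) VALUES (?, ?)",
        [
            ("alice@example.com", "0123456789abcdef0123456789abcdef"),
            ("bob@example.com", "fedcba9876543210fedcba9876543210"),
        ],
    )
    conn.commit()
    return conn


def user_for_token(conn: sqlite3.Connection, token):
    """Hardened reset-token lookup.

    The weak pattern was building the WHERE clause by string concatenation, so the
    token's contents became part of the SQL. Here the token must first pass the
    allow-list check, and is then passed as a bound parameter, so the database
    never interprets it as SQL even if the validator were later relaxed.
    Returns the matching user id, or None when the token is malformed or unknown.
    """
    if not is_valid_token(token):
        return None
    row = conn.execute(
        "SELECT id FROM users WHERE activation = ?", (token,)
    ).fetchone()
    return row[0] if row else None
```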
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph

