Bug 254151 - www-apps/joomla <1.5.9 Directory Traversal Vulnerability
Summary: www-apps/joomla <1.5.9 Directory Traversal Vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
URL: http://secunia.com/Advisories/33377/
Whiteboard: ~4 [noglsa]
Keywords:
Duplicates: 255969
Depends on:
Blocks:
 
Reported: 2009-01-07 20:45 UTC by Bruno Buss
Modified: 2009-01-26 19:15 UTC
CC List: 3 users

See Also:
Package list:
Runtime testing required: ---
Description Bruno Buss 2009-01-07 20:45:17 UTC
Description:
"irk4z has discovered a vulnerability in Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "X_CMS_LIBRARY_PATH" HTTP header handled in plugins/editors/xstandard/attachmentlibrary.php is not properly verified before being used. This can be exploited to display arbitrary directory contents via directory traversal attacks.

This vulnerability is confirmed in version 1.5.8. Other versions may also be affected."

An exploit is also available:
http://milw0rm.com/exploits/7691
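As an added example (not Joomla's code and not part of this bug report), the check the advisory describes as missing, written in PHP: a directory name taken from an untrusted source is resolved against a fixed base directory and listed only if the canonical result stays inside that base. The function names, the base directory and the temporary sample layout are assumptions made for illustration.

```php
<?php
// Added example, not Joomla's code. It shows the containment check the
// advisory says is absent: a directory name supplied by the client (the
// X_CMS_LIBRARY_PATH request header in the advisory) must resolve to a
// location inside a fixed base directory before anything is listed.
// Function and directory names below are assumptions for illustration.

/** Resolve $untrusted relative to $baseDir; return null unless it stays inside. */
function resolveWithinBase(string $baseDir, string $untrusted): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // NUL bytes truncate paths in the underlying C calls; reject them up front.
    if (strpos($untrusted, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", symlinks and repeated separators, so the
    // check below runs on the canonical location rather than the raw string.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $untrusted);
    if ($candidate === false) {
        return null; // does not exist or cannot be resolved
    }
    // Accept the base itself or a descendant of it. The trailing separator
    // stops "/srv/lib" from matching a sibling such as "/srv/lib2".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($candidate !== $base && strpos($candidate, $prefix) !== 0) {
        return null;
    }
    return $candidate;
}

/** List entries of a library subdirectory chosen by the client, or null if refused. */
function listLibrary(string $baseDir, string $untrusted): ?array
{
    $dir = resolveWithinBase($baseDir, $untrusted);
    if ($dir === null || !is_dir($dir)) {
        return null;
    }
    return array_values(array_diff(scandir($dir), ['.', '..']));
}

// Constructed sample layout in a temporary directory so the script runs offline:
//   <tmp>/library/images/photo.txt   (inside the allowed base)
//   <tmp>/outside/secret.txt         (a sibling that must never be listed)
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'traversal-demo-' . getmypid();
mkdir("$root/library/images", 0700, true);
mkdir("$root/outside", 0700, true);
touch("$root/library/images/photo.txt");
touch("$root/outside/secret.txt");

$base = "$root/library";
var_dump(listLibrary($base, 'images'));               // array containing "photo.txt"
var_dump(listLibrary($base, '../outside'));           // NULL: resolves outside the base
var_dump(listLibrary($base, 'images/../../outside')); // NULL: same after normalisation
var_dump(listLibrary($base, ''));                     // entries of the base itself

// For contrast, the weak pattern the advisory describes is listing whatever
// directory name the request carries, along the lines of
// scandir($_SERVER['HTTP_X_CMS_LIBRARY_PATH']), with no resolution against a
// base directory and no containment check on the result.
```

Two design points worth noting: the comparison is made on the output of realpath(), so a symlink inside the base that points elsewhere is also refused, and because realpath() returns false for paths that do not exist, a non-existent name is treated the same as an escape rather than being passed on to a later call that might interpret it differently.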
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2009-01-24 03:55:36 UTC
*** Bug 255969 has been marked as a duplicate of this bug. ***
Comment 3 Peter Volkov (RETIRED) gentoo-dev 2009-01-26 18:42:47 UTC
The new version (1.5.9) was just added to the tree. The ebuild is ~arch and package.masked, so the bug can be closed.
Comment 4 Christian Hoffmann (RETIRED) gentoo-dev 2009-01-26 19:15:00 UTC
Closing then. Third one in a row, yay. :p