Summary: | www-apps/joomla < 1.5.7 Multiple vulnerabilities (CVE-2008-{4102,4103,4104,4105}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.joomla.org/announcements/release-news/5212-joomla-157-security-release-now-available.html | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Hanno Böck
![]() CVE-2008-4102 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4102): Joomla! 1.5 before 1.5.7 initializes PHP's PRNG with a weak seed, which makes it easier for attackers to guess the pseudo-random values produced by PHP's mt_rand function, as demonstrated by guessing password reset tokens, a different vulnerability than CVE-2008-3681. CVE-2008-4103 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4103): The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. CVE-2008-4104 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4104): Multiple open redirect vulnerabilities in Joomla! 1.5 before 1.5.7 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a "passed in" URL. CVE-2008-4105 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4105): JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact. Added joomla-1.5.7, removed vulnerable joomla-1.5.5, -1.5.6. Unstable on all arches, masked for security reasons anyhow. Webapps done. |