Rescue your Joomla 1.5.x sites!!!

Recently I discovered a security issue in Joomla 1.5.x where the
Remote Admin Password Change can be used by attackers to
deface our sites. This problem in Joomla 1.5.x releases before 1.5.6
lets an attacker reset the admin password without the verification
token and log in to our sites.

How to check whether your Joomla 1.5.x site is exposed to this
vulnerability?


1) Go to the password reset confirmation page of your site. For example:
myportal.com/index.php?option=com_user&view=reset&layout=confirm
2) Enter a single quote (') in the token field and click OK
3) Key in a new password for the admin account
4) Go to the url myportal.com/administrator and log in as admin with your new
password

Note: If you can complete steps 3 and 4, your site is at high risk of being
hacked. Normally you would receive an email containing a verification token
before you could proceed to change the password. Bear in mind that this check
really does change the admin password and sends no email, so run it only on a
site you own, preferably on a backup copy, and with the current admin
credentials at hand in case you need to restore them.
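To see why a bare quote gets past the check, here is an added example that models the reset-confirm step in plain PHP. It is not Joomla's own code: it assumes, as was reported for this bug, that the posted token was passed through an "alnum" filter that strips every non-alphanumeric character, that the remaining value was then used to look up a user with block = 0 and a matching activation column, and that activated accounts (including admin) have an empty activation column. The $users array is constructed sample data, and the length check in confirm_reset_fixed() is an assumption about the shape of the 1.5.6 fix.

```php
<?php
// Added example, not Joomla code. Models the token handling of the
// com_user reset confirmation step before and after the 1.5.6 fix.

// Constructed stand-in for the #__users table (not real data).
$users = array(
    array('id' => 62, 'username' => 'admin', 'block' => 0, 'activation' => ''),
    array('id' => 63, 'username' => 'bob',   'block' => 0,
          'activation' => 'b1ff0d7b3c4b2f5e9a1c7d8e2f3a4b5c'),
    array('id' => 64, 'username' => 'eve',   'block' => 1, 'activation' => ''),
);

// Assumed model of the "alnum" request filter: keep only [A-Za-z0-9].
function filter_alnum($value)
{
    return preg_replace('/[^A-Za-z0-9]/', '', $value);
}

// Assumed model of: SELECT id FROM #__users WHERE block = 0 AND activation = '<token>'
function lookup_by_activation(array $users, $token)
{
    foreach ($users as $u) {
        if ($u['block'] == 0 && $u['activation'] === $token) {
            return $u['id'];
        }
    }
    return null; // no match: "invalid token"
}

// Vulnerable flow: whatever survives the filter becomes the lookup key.
// A lone quote is stripped to "", which matches every activated account
// with an empty activation column, the admin row included.
function confirm_reset_vulnerable(array $users, $posted_token)
{
    $token = filter_alnum($posted_token);
    return lookup_by_activation($users, $token);
}

// Hardened flow (assumed shape of the fix): a real reset token is a
// 32-character string, so anything else is rejected before the query runs.
function confirm_reset_fixed(array $users, $posted_token)
{
    $token = filter_alnum($posted_token);
    if (strlen($token) != 32) {
        return null;
    }
    return lookup_by_activation($users, $token);
}

$cases = array(
    "'"                                   => 'bare quote, as in the check above',
    ''                                    => 'empty token',
    'b1ff0d7b3c4b2f5e9a1c7d8e2f3a4b5c'    => 'genuine 32-character token for bob',
);

foreach ($cases as $token => $label) {
    printf("%-38s vulnerable => %-5s fixed => %s\n",
        $label,
        var_export(confirm_reset_vulnerable($users, $token), true),
        var_export(confirm_reset_fixed($users, $token), true));
}
```

For the bare quote and the empty token the vulnerable flow returns the admin's id (62), which is exactly the account whose password the attacker is then allowed to set; the fixed flow returns NULL for both and only accepts the genuine 32-character token, which resolves to bob (63). The general lesson is that an input filter which silently removes characters must never be the only thing standing between a request parameter and a privileged lookup; the value's expected shape has to be validated as well.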

Solution

Either of the following brings you to a fixed version:

1) Install the latest Joomla 1.5.6 (as of 18-08-2008) as a fresh site
2) Apply the update patches to your existing site (upgrade to Joomla 1.5.6)


Installing Joomla 1.5.6

1) Download the latest version of Joomla
2) Extract the compressed file into your web root
3) Go to your url, for example http://localhost/newjoomla, and follow the
installer's instructions

Upgrade your Joomla 1.5.x to Joomla 1.5.6 (Patches)

1) Download the appropriate update patch for your current version from the
Joomla Download Site
2) Extract it over your current Joomla directory
(assuming you have backed up your files and database first)
3) Log in to your administrator site to confirm the new version number, or view
CHANGELOG.php in your Joomla directory
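If you would rather confirm the version from the files on disk than from the administrator pages, here is an added PHP script (not part of Joomla) that reads the version Joomla 1.5 records in libraries/joomla/version.php and reports whether it is 1.5.6 or later. It assumes that file contains lines of the form var $RELEASE = '1.5'; and var $DEV_LEVEL = '6';, and it falls back to a constructed sample of those lines so it can be run outside a Joomla tree.

```php
<?php
// Added example, not Joomla code. Run from the Joomla root:
//   php check_joomla_version.php

// Pull RELEASE and DEV_LEVEL out of the source of version.php and join
// them into a dotted version string such as "1.5.6". Returns null if
// either value is missing.
function parse_joomla_version($source)
{
    if (!preg_match('/\$RELEASE\s*=\s*\'([^\']+)\'/', $source, $release)) {
        return null;
    }
    if (!preg_match('/\$DEV_LEVEL\s*=\s*\'([^\']+)\'/', $source, $level)) {
        return null;
    }
    return $release[1] . '.' . $level[1];
}

// 1.5.6 is the first release that contains the fix.
function is_patched($version)
{
    return version_compare($version, '1.5.6', '>=');
}

$path = 'libraries/joomla/version.php';
if (is_readable($path)) {
    $source = file_get_contents($path);
} else {
    // Constructed sample standing in for version.php (assumed layout).
    $source = "var \$RELEASE = '1.5';\nvar \$DEV_LEVEL = '5';";
    echo "$path not found, using a constructed sample instead\n";
}

$version = parse_joomla_version($source);
if ($version === null) {
    echo "could not determine the Joomla version from $path\n";
    exit(2);
}

echo "Joomla version: $version\n";
if (is_patched($version)) {
    echo "OK: 1.5.6 or later, the password reset fix is included\n";
    exit(0);
}
echo "WARNING: older than 1.5.6, apply the update patch\n";
exit(1);
```

The exit status makes the script usable from a cron job or a deployment check across several sites: 0 means patched, 1 means an upgrade is needed, and 2 means the version file could not be read, which on a real site usually means you are not running it from the Joomla root.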

Click here for further info on why you should upgrade to Joomla 1.5.6
