lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 31 Oct 2010 20:34:39 +0000
From: "Thor (Hammer of God)" <thor@...merofgod.com>
To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>,
	"bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>,
	"bugs@...uritytracker.com" <bugs@...uritytracker.com>, "vuln@...unia.com"
	<vuln@...unia.com>, "secalert@...urityreason.com"
	<secalert@...urityreason.com>,
	"news@...uriteam.com" <news@...uriteam.com>, 
	"vuln@...urity.nnov.ru" <vuln@...urity.nnov.ru>
Subject: Re: Joomla 1.5.21 | Potential SQL Injection Flaws

According to your site, you want "to entice young Burmese people into ethical hacking" and "raise students' interest in security/hacking in an ethical manner," yet you "disclosed these flaws in order for someone who can exploit these flaws to the next maximum level"? 

Douche. 

t



-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of YGN Ethical Hacker Group
Sent: Sunday, October 31, 2010 12:19 PM
To: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com; bugs@...uritytracker.com; vuln@...unia.com; secalert@...urityreason.com; news@...uriteam.com; vuln@...urity.nnov.ru
Subject: [Full-disclosure] Joomla 1.5.21 | Potential SQL Injection Flaws

1. VULNERABILITY DESCRIPTION


Potential SQL Injection Flaws were detected Joomla! CMS version 1.5.20. These flaws were reported along with our Cross Scripting Flaw which was fixed in 1.5.21. Developers believed that our reported SQL Injection flaws are not fully exploitable because of Joomla! built-in string filters and were not fixed in 1.5.21 which is currently the latest version.

As a result, we disclosed these flaws  in order for someone who can exploit these flaws to the next maximum level.


2. PROOF-OF-CONCEPT/EXPLOIT

http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg
http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg
http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg


3. DISCLOSURE TIME-LINE


2010-10-06  : Notified Joomla! Security Strike Team
2010-11-01  : Vulnerability disclosed


4. VENDOR

Joomla! Developer Team
http://www.joomla.org
http://www.joomla.org/download.html

________________________________________________________

# YGN Ethical Hacker Group
# http://yehg.net
# 2010-11-1

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists