[PLUG-Devel] Security Audit of Joomla!
Alan Dayley
alandd at consultpros.com
Sat Sep 9 07:54:02 MST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jay Jacobson wrote:
>
>
> ...speaking of Joomla vulnerabilities... I just noticed this new one. It
> allows remote code execution on the web server:
>
> http://www.edgeos.com/threats/details.php?id=22298
>
> ~Jay
Thanks, Jay.
The PLUG site is now running Joomla! 1.0.11, listed in the solution to
this vulnerability. I also set 'register_globals' disabled for our
Joomla! directories with a custom php.ini in each subdirectory.
Alan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFFAtWKDQw/VSQuFZYRAvTEAJwIgk82kDjzujLXIDCOutXI5GfygwCeMxek
whGxx1JrIPtET6kLVRbjKbk=
=1zcc
-----END PGP SIGNATURE-----
More information about the PLUG-devel
mailing list