News
Joomla! Googlemaps plugin vulnerability
Posted by Mike-Support Helpburo.eu on 20-11-2014 11:31


The problem with the Joomla! Googlemaps plugin is that anyone can request /plugins/system/plugin_googlemap2_proxy.php from a browser or script and have it execute cURL HTTP requests to remote websites.

The url parameter is vulnerable to Cross-Site Scripting (XSS) attacks and allows the retrieval of remote website content. When this happens a lot, a website becomes overloaded and unresponsive, resulting in a successful Denial-of-Service attack.

See also: http://seclists.org/fulldisclosure/2014/Feb/53

Update: Removing the plugin only removes the XSS vulnerability, NOT the overload problem, because botnets will still try to access the plugin. You should also add the following at the top of your .htaccess file in the main Joomla directory:

# Refuse every HTTP request for the Googlemaps proxy script
<Files "plugin_googlemap2_proxy.php">
Order Deny,Allow
Deny from all
</Files>
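
An added example, not part of the original post: a small Python script that scans an Apache access log for requests to the proxy script, tallies the requesting clients and the url targets they asked for, and counts status codes so you can confirm the deny rule answers with 403. The log lines, IP addresses and domains are constructed sample data, and the common/combined log format is an assumption.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

PROXY = "plugin_googlemap2_proxy.php"  # script name from the article

# Assumed Apache common/combined prefix: ip ident user [time] "METHOD target PROTO" status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')

# Constructed sample log (documentation IP ranges and example domains).
SAMPLE_LOG = """\
203.0.113.7 - - [20/Nov/2014:11:02:13 +0100] "GET /plugins/system/plugin_googlemap2_proxy.php?url=site-a.example/ HTTP/1.1" 200 5123
203.0.113.7 - - [20/Nov/2014:11:02:14 +0100] "GET /plugins/system/plugin_googlemap2_proxy.php?url=site-a.example/ HTTP/1.1" 200 5123
192.0.2.10 - - [20/Nov/2014:11:02:15 +0100] "GET /index.php?option=com_content HTTP/1.1" 200 8841
198.51.100.23 - - [20/Nov/2014:11:40:02 +0100] "GET /plugins/system/plugin_googlemap2_proxy.php?url=site-b.example%2Fnews HTTP/1.1" 403 212
"""

def summarize_proxy_hits(log_text):
    """Return (hits per client IP, requested url= targets, status codes)
    for requests that reach the Googlemaps proxy script."""
    clients, targets, statuses = Counter(), Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line in the expected format
        ip, target, status = m.groups()
        parts = urlsplit(target)
        if not parts.path.lower().endswith("/" + PROXY):
            continue  # unrelated request
        clients[ip] += 1
        statuses[status] += 1
        # parse_qs percent-decodes the value passed in the url parameter
        for value in parse_qs(parts.query).get("url", []):
            targets[value] += 1
    return clients, targets, statuses

if __name__ == "__main__":
    clients, targets, statuses = summarize_proxy_hits(SAMPLE_LOG)
    print("requests per client:", dict(clients))
    print("remote targets requested:", dict(targets))
    # Any status other than 403 means the .htaccess deny rule did not apply.
    print("responses not blocked:", sum(n for s, n in statuses.items() if s != "403"))
```

To use it on a real site, pass the contents of the server's access log to summarize_proxy_hits instead of SAMPLE_LOG.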

 

 

