Updated Noah Classifieds Component for Joomla!/Mambo

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Updated Noah Classifieds Component for Joomla!/Mambo
From: noahsec1@xxxxxxxxxxxxxxxxxxxxxxxxxxx
Date: 1 Mar 2006 02:24:13 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Updated Noah Classifieds Component for Joomla!/Mambo fixes vulnerabilities

Problem:

Several vulnerabilities were recently discovered in Noah Classifieds 1.3 which 
also affect the Joomla!/Mambo component. Details on the vulnerabilities are 
available at http://www.kapda.ir/advisory-268.html

The exploits included - Sql Injection, XSS, Local file inclusion, Remote code 
execution.

Versions affected ? Joomla!/Mambo Noah Classifieds Component <= 1.0 Beta 2.

Solution: Upgrade to version 1.0 Beta 3. This fixes all known vulnerabilities. 
1.0 Beta 3 can be found on JoomlaForge - 
http://forge.joomla.org/sf/frs/do/viewRelease/projects.noah/frs.noah_1_0_beta_1.beta_3

If you want to report vulnerabilities discovered in the Noah Classifieds 
component for Joomla!/Mambo, please contact
noahsec1-(at)-davidmckinnisconsulting.com. We would also appreciate advanced 
notice of any vulnerabilities discovered in Noah Classifieds to see if they 
also affect the Joomla!/Mambo component.

david mckinnis

Prev by Date: FreeBSD Security Advisory FreeBSD-SA-06:10.nfs
Next by Date: FreeBSD Security Advisory FreeBSD-SA-06:09.openssh [REVISED]
Previous by thread: FreeBSD Security Advisory FreeBSD-SA-06:10.nfs
Next by thread: FreeBSD Security Advisory FreeBSD-SA-06:09.openssh [REVISED]
Index(es):
- Date
- Thread