Detections
Analytics

FreeBSD : joomla -- flaw in the reset token validation (8514b6e7-6f0f-11dd-b3db-001c2514716c)

high Nessus Plugin ID 34018

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Joomla project reports :

A flaw in the reset token validation mechanism allows for non-validating tokens to be forged. This will allow an unauthenticated, unauthorized user to reset the password of the first enabled user (lowest id). Typically, this is an administrator user.
Note, that changing the first users username may lessen the impact of this exploit (since the person who changed the password does not know the login associated with the new password). However, the only way to completely rectify the issue is to upgrade to 1.5.6 (or patch the /components/com_user/models/reset.php file).

Solution

Update the affected package.

See Also

http://www.nessus.org/u?794fa91d

Plugin Details

Severity: High

ID: 34018

File Name: freebsd_pkg_8514b6e76f0f11ddb3db001c2514716c.nasl

Version: 1.13

Type: local

Published: 8/21/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:joomla15, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 8/20/2008

Vulnerability Publication Date: 8/14/2008

Reference Information

CVE: CVE-2008-3681

CWE: 264