Text only | Text with Images

Charlottezweb

General Conversation => Script Chat => Topic started by: Jason on March 16, 2012, 04:33:38 PM

Title: Joomla Security Notice :: March 16, 2012
Post by: Jason on March 16, 2012, 04:33:38 PM
Latest Joomla security notice:

http://developer.joomla.org/security/news

Quote
Joomla! Security News
________________________________________
[20120304] - Core - Password Change
Posted: 16 Mar 2012 12:21 AM PDT
?   Project: Joomla!
?   SubProject: All
?   Severity: High
?   Versions: 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x releases
?   Exploit type: Password Change
?   Reported Date: 2012-March-8
?   Fixed Date: 2012-March-15
Description
Insufficient randomness leads to password reset vulnerability.
Affected Installs
Joomla! versions 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x versions
Solution
Upgrade to version 2.5.3


------------------------------------

[20120303] - Core - Privilege Escalation
Posted: 15 Mar 2012 05:00 AM PDT
?   Project: Joomla!
?   SubProject: All
?   Severity: High
?   Versions: 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x releases
?   Exploit type: Privilege Escalation
?   Reported Date: 2012-March-12
?   Fixed Date: 2012-March-15
Description
Programming error allows privilege escalation in some cases.
Affected Installs
Joomla! versions 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x versions
Solution
Upgrade to version 2.5.3
Text only | Text with Images