|
11/20/2006 |
|
 For a few months, the popularity of Joomla has attracted a wave of hackers on the community. How are they caught there? Where are the faults? What to make to protect itself?
Some answers in this article…
Certain components are vulnerable to “Code Inclusion” attacks.
I.e. that it is possible via the Web to modify files on your waiter.
Generally handling consists in replacing your file configuration.php by
the page of the hacker.
Here a list of components which comprise or which comprised in their preceding versions this type of vulnerability:
- com_simpleboard
- com_hashcash
- com_htmlarea3_xtd-c
- com_sitemap
- com_performs
- com_forum
- com_pccookbook
- com_extcalendar
- minibb
- com_smf
- com_pollxt
- com_loudmounth
- com_videodb
- com_pcchess
- com_multibanners
|
- com_mgm
- com_mambatstaff
- com_securityimages
- com_artlinks
- com_galleria
- com_akocomment com_cropimage
- com_catalogs
- com_kochsuite
- com_comprofiler
- com_zoom
- com_serverstat
- com_fm
- com_a6mambohelpdesk
- com_colophon
|
What to make if you have one of these components on your site? 3 solutions are offered to you:
- Download the last update of the component
- Modify yourself the component to prevent this type of attack (an article will detail handling soon)
- As a last resort, remove it!
 |
