PDA

View Full Version : Joomla Security Vulnerability 1.5.5 and below



jeffc215
08-22-2008, 11:28 AM
Hey all, just an FYI there's a major security hole with Joomla versions 1.5.5 and below. WestHost is providing the latest Joomla update, I spoke to Tech Support and notified them of the issue.

I was running Joomla site 1.5.5 and my site was defaced. Joomla's latest patch 1.5.6 corrects the issue.

Just wanted to give everyone a heads up.

Joomla 1.5.6 Info (http://www.joomla.org/announcements/release-news/5199-joomla-156-released.html)

My actions to restore my site...I say that with the disclaimer that my course of actions worked for me and may not be for all.

- Deleted infected version of joomla (deleted entire joomla directory)
- Restored with a clean back-up copy
- Installed 1.5.6 patch
- Changed all admin passwords

WestHost - MCox
08-22-2008, 11:31 AM
Hello,

I just wanted to let you know that, as of today, we have patched all installations of Joomla from the Site Manager with the security patch from Joomla 1.5.6 (even though the actual install version is still the same). This is noted in the install notes in the "Install and Manage" section of your Site Manager control panel.

wildjokerdesign
08-22-2008, 07:14 PM
This is noted in the install notes in the "Install and Manage" section of your Site Manager control panel.

Mark,
I have never seen any "install notes" while in the Install and Manage section of Site Manager. Are you speaking about the pop up window when you click the http://wsl06022.west-datacenter.net/images/Icon-Info.gif icon?

Never mind... I see that it is indeed the information shown when clicking on the info icon. I was afraid that perhaps I was missing out on some cool new feature. ;)