Michael Lazin on 27 Apr 2009 15:54:29 -0700


[PLUG] slightly off topic, joomla fireboard sql injection vulnerability?

Hi, I recently discovered that one of our customer's databases was overloaded and abused; it appears to be due to a Joomla Fireboard vulnerability.  I found this log entry that definitely looks suspicious, although I'm not sure this is definitely the hack.  I've replaced the domain name with x's to protect the vulnerable

access.log.16.gz: - - [16/Apr/2009:02:01:13 -0400] "POST /administrator/index2.php HTTP/1.1" 200 142884 www.xxx.com "http://www.xxx.com/a
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Alexa Toolbar)" "-"

I did a cursory search for Joomla Fireboard SQL injection vulnerabilities and found nothing.  IMHO Joomla is crap; I see it cracked all the time, but I am interested in this because I see SQL injection attacks more commonly on M$ servers, and I haven't found any documentation on this particular exploit.  Anyone know where I should look for Fireboard vulnerabilities or where I should post to if this turns out to be something new?


Michael Lazin

ASCII ribbon campaign ( )
against HTML e-mail    X
                      / \
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug