XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module troubleshooting 
  4.  / MyAds 2.x vulnerable!
Register
1
frankblack
MyAds 2.x vulnerable!

  • 2006/6/29 10:39

  • frankblack

  • Just can't stay away

  • Posts: 830

  • Since: 2005/6/13


Just wanted to let you know that MyAds 2.x is vulnerable and all users of this module should fix it.

http://secunia.com/advisories/20882/
2
giba
Re: MyAds 2.x vulnerable!

  • 2006/6/29 13:39

  • giba

  • Just can't stay away

  • Posts: 638

  • Since: 2003/4/26


Very Thanks Franck.

I go to communication users in Brazil.
3
penkay
Re: MyAds 2.x vulnerable!

  • 2006/6/29 14:08

  • penkay

  • Just popping in

  • Posts: 10

  • Since: 2006/3/4 1


Stated in the advisory is the problem and the solution.. can anyone show how to edit the source code to fix this problem.. Please..Please... I use both MyAds and JobListing.(based on MyAds) thanks

The Problem:
Input passed to the "lid" parameter in annonces-p-f.php isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The Solution:
Edit the source code to ensure that input is properly sanitised.
4
davidl2
Re: MyAds 2.x vulnerable!

  • 2006/6/29 14:44

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


I'm unsure who's developing this module, but according to this post - there is an updated release here ...

I don't know if this deals with the problem mentioned or not....
5
giba
Re: MyAds 2.x vulnerable!

  • 2006/6/29 15:12

  • giba

  • Just can't stay away

  • Posts: 638

  • Since: 2003/4/26


About Hack in module.

Look: For who use MyAds

Version MyAds with bug
6
zyspec
Re: MyAds 2.x vulnerable!

  • 2006/6/30 16:21

  • zyspec

  • Module Developer

  • Posts: 1095

  • Since: 2004/9/21


This also looks like this is a problem in Jobs ver 1.9.

The code doesn't sanitize 'lid' as described and it also allows overloading of other variables via $_POST instead of just explicitly loading the variables needed ($yname, $ymail, $fname, $fmail).
7
Bender
Re: MyAds 2.x vulnerable!

  • 2006/7/1 23:04

  • Bender

  • Home away from home

  • Posts: 1899

  • Since: 2003/3/10


It seems:

The original MyAds was made by Pascal Le Boustouller who however is long gone and that version was for e-xoops/Xoops 1.x.

Later there was a rewritten version by two german users.
(Download: here)


Currently it seems to be developed in Japan

http://malaika.s31.xrea.com/

Cannot read much but i there seem to be no mention of this security issue so far.

http://malaika.s31.xrea.com/modules/mydownloads/singlefile.php?cid=2&lid=14
Sorry, this signature is experiencing technical difficulties. We will return you to the sheduled signature as soon as possible ...
8
zyspec
Re: MyAds 2.x vulnerable!

  • 2006/7/2 0:21

  • zyspec

  • Module Developer

  • Posts: 1095

  • Since: 2004/9/21


Bender, et al

I just looked at the source for the Japanese developed version (2.05 jp) and the specific problem identified has been fixed in this version.
9
phppp
Re: MyAds 2.x vulnerable!

  • 2006/7/2 1:23

  • phppp

  • XOOPS Contributor

  • Posts: 2857

  • Since: 2004/1/25


Quote:

zyspec wrote:

I just looked at the source for the Japanese developed version (2.05 jp) and the specific problem identified has been fixed in this version.


If it's true, we should report it to secunia as a fault alarm.
10
DobePhat
Re: MyAds 2.x vulnerable!

  • 2006/7/2 1:53

  • DobePhat

  • Friend of XOOPS

  • Posts: 656

  • Since: 2003/4/15


HAte to throw this out there..but is that JP version even compatable with XOOPS 2.14? And I agree if it's fixed someone should note it here as well,maybe provide an updated download? (the JP version I downloaded, saw appears to be a patch but I couldnt read the read me file so not sure, but I noticed it was missing the familiar cache folder etc. so not sure if it's just different or a patch.)

It'd be much appreciated, Thank you!
(1) 2 3 »

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

426 user(s) are online (313 user(s) are browsing Support Forums)

Members: 0

Guests: 426

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits