A critical security vulnerability has been found in VirtueMart, the most popular e-commerce extension for Joomla; it was discovered by security researchers at Sucuri. This vulnerability could be used by a malicious user to easily gain Super-Admin privileges on your website. With super-admin access, the attacker has full control of the site and database. If you have a Joomla-based website running VirtueMart version <2.6.8c, your website is at risk.
VirtueMart uses the “bind” and “save” methods of Joomla’s JUser class to handle user account information. That’s not a problem in and of itself, but this class is very tricky and easy to make mistakes with.
The bind method roughly does the same thing as PHP’s array_merge function, except for a few points such as live password encryption and the fact that it operates on a class rather than an array.
This extension passes the $data variable (which, at this point in execution, contains the whole $_POST array) directly to the bind() call. While it is an effective way to save or modify user information, not whitelisting which parameters may be modified is a very bad idea. It basically allows anybody to modify every single variable within the JUser class scope!
Using this dangerous behaviour, an attacker could modify JUser’s $isRoot, $groups and $_authGroups variables to add their account to the Super-Administrator group, thus giving them full privileges over the target website / environment.
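The whitelisting that the unfiltered bind() call lacks, as an added example (not VirtueMart's or Joomla's own code): `DemoUser`, `ALLOWED_FIELDS` and `filterUserInput` are hypothetical names, `DemoUser::bind()` only imitates the merge-like behaviour described above, and the request data and group ids are constructed.

```php
<?php
// Stand-in for a user object with a bind()-style mass-assignment method.
// DemoUser is hypothetical; it is not Joomla's JUser implementation.
class DemoUser
{
    public $name = '';
    public $email = '';
    public $isRoot = false;
    public $groups = [2]; // constructed id for an ordinary group

    // Copies every matching key onto the object, like array_merge on properties.
    public function bind(array $data)
    {
        foreach ($data as $key => $value) {
            if (property_exists($this, $key)) {
                $this->$key = $value;
            }
        }
    }
}

// Only these fields may be set from a registration or profile form (assumed list).
const ALLOWED_FIELDS = ['name', 'email'];

// Keep only allowlisted keys; hand back the dropped key names for logging.
function filterUserInput(array $post, array &$rejected = [])
{
    $allowed  = array_flip(ALLOWED_FIELDS);
    $rejected = array_keys(array_diff_key($post, $allowed));
    return array_intersect_key($post, $allowed);
}

// Constructed request body carrying fields the form never offered.
$post = ['name' => 'Alice', 'email' => 'alice@example.com',
         'isRoot' => '1', 'groups' => [99]]; // 99 is a constructed group id

// Unfiltered bind: privileged properties are overwritten by request data.
$unsafe = new DemoUser();
$unsafe->bind($post);
var_dump($unsafe->isRoot, $unsafe->groups);

// Filtered bind: privileged properties keep their server-side values.
$rejected = [];
$safe = new DemoUser();
$safe->bind(filterUserInput($post, $rejected));
var_dump($safe->isRoot, $safe->groups);
error_log('Rejected unexpected user fields: ' . implode(', ', $rejected));
```

Logging the rejected keys gives defenders a signal: a registration request that carries privilege-related fields the form never rendered is worth alerting on.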
This bug was discovered and disclosed last week and immediately patched by the VirtueMart team. They also released the update 2.6.8c to fix this issue.
Venkatesh Yalaganddula
