December 14, 2015 10:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/noTeG21K2gM/attackers-can-hijack-joomla-sites-via-user-agent-strings
Attackers Can Hijack Joomla Sites Via User-Agent Strings
An anonymous reader writes: Joomla just issued a emergency security patch after Sucuri observed a large number of attacks on Joomla sites using malicious user-agent strings. Attackers were adding malicious code to custom-made user-agent strings, which were not sanitized and stored in the database. These allowed attackers to trigger remote code on the site and grant them a backdoor into targeted websites. Even if Joomla doesn't care about older versions, the bug was so critical that it issued security patches even for EOL versions going back to 1.5.x.at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/noTeG21K2gM/attackers-can-hijack-joomla-sites-via-user-agent-strings
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot