For eight years, hackers have been able to exploit this password-stealing flaw in Joomla
For the last eight years a critical vulnerability has lurked within the code of the Joomla CMS which could have allowed malicious hackers to steal every user’s login credentials – including those belonging to administrators.
A CMS is a content management system – a piece of software which manages all of the content on your website, ensuring that visitors get to see the webpages and images that they're expecting to see. As such, for many companies, a CMS is an essential part of how they deliver content to customers.
For that reason, it’s really important that you keep your website’s CMS patched against the latest discovered vulnerabilities.
A previously unknown injection vulnerability exists in Joomla’s LDAP (Lightweight Directory Access Protocol) authentication code. Because affected versions of the software do not properly sanitise user input, the vulnerability can be exploited through a website’s CMS login page, as the researchers explain:
The lack of input sanitization of the username credential used in the LDAP query allows an adversary to modify the result set of the LDAP search. By using wildcard characters and by observing different authentication error messages, the attacker can literally search for login credentials progressively by sending a row of payloads that guess the credentials character by character.
A successful attack can lead to hackers stealing administrator login credentials, and gaining complete control over a website.
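The root cause the researchers describe is a username copied verbatim into an LDAP search filter, so filter metacharacters such as `*` keep their special meaning. The following Python is an added illustration for this article, not Joomla's own authentication code: it shows the unsafe concatenation pattern beside a hardened version that escapes assertion values according to RFC 4515, plus a small helper a defender can run over login attempts to flag usernames that carry filter metacharacters. The attribute name `uid` and the function names are assumptions chosen for the example.

```python
import re

# RFC 4515 escape table for assertion values inside an LDAP search filter.
# Characters not listed here are passed through unchanged.
_FILTER_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\x00": "\\00",
}


def escape_ldap_filter_value(value: str) -> str:
    """Escape a string so it is matched literally inside an LDAP filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_login_filter_unsafe(username: str, attr: str = "uid") -> str:
    """The flawed pattern the article describes: the username is dropped
    straight into the filter, so a '*' still acts as a wildcard.
    Kept only to contrast its output with the hardened builder."""
    return f"({attr}={username})"


def build_login_filter(username: str, attr: str = "uid") -> str:
    """Hardened form: the username is escaped first, so wildcard and
    grouping characters become literal bytes the directory must match."""
    return f"({attr}={escape_ldap_filter_value(username)})"


# Characters that a legitimate account name should never contain but
# which change the meaning of an LDAP filter.
_METACHARS = re.compile(r"[*()\\\x00]")


def username_has_filter_metachars(username: str) -> bool:
    """Detection helper: True when a submitted username contains LDAP
    filter metacharacters, which is worth alerting on in login logs."""
    return bool(_METACHARS.search(username))


if __name__ == "__main__":
    # Constructed sample usernames, not taken from any real login log.
    for name in ["j.doe", "admin*", "a)(uid=*"]:
        print(f"{name!r:14} unsafe={build_login_filter_unsafe(name)!r:22} "
              f"escaped={build_login_filter(name)!r:28} "
              f"flag={username_has_filter_metachars(name)}")
```

Escaping alone closes the injection; the second half of the researchers' description, learning from different authentication error messages, is addressed separately by returning the same generic failure message whether the directory search found no entry, found several, or the bind failed.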
Joomla is one of the world’s most popular content management systems, and is used by millions of websites. As a result, any vulnerability that could lead to administrator passwords being leaked should be considered extremely alarming. What makes the discovery even more shocking, however, is that it has been possible for hackers to exploit the flaw since Joomla version 1.5, released eight years ago.
Joomla is open source software, and is regularly reviewed for security holes – and yet no-one found this critical flaw until now. The idea of open source software, being available for anyone to review and check for vulnerabilities, is a great one. But just because anyone can hunt for security holes in 500,000 lines of code doesn’t mean that every bug will be found – or that critical vulnerabilities that could lead to your entire website being compromised will be uncovered in a timely fashion.
Thankfully, in this case, Joomla confirmed and then fixed the vulnerability in a timely fashion after researchers told them about it. You can do your bit to reduce the risk of your site being compromised by updating to the latest version of your CMS, and ensuring that you keep a close eye in the future on emerging security issues.
It’s just a shame that it took eight years for this Joomla security hole to be discovered, and that we’ll never know if malicious hackers exploited it in the meantime.