Old Version of Joomla Vulnerable to Hacking, Security Center Warns

Bach Khoa Internet Security Center (BKIS) has warned webmasters nationwide about a highly dangerous vulnerability in version 1.5.x of the open source content management system Joomla, shortly after a write-up describing how to exploit it was published on the internet, where it helps black-hat hackers compromise websites.

A signal informs the website is being hacked

According to BKIS, a Dutch hacker posted a write-up online describing how to exploit the vulnerability in Joomla 1.5.5 websites, encouraging other hackers to take advantage of it. The vulnerability, which lies in the component named com_user, allows attackers to reset the administrator password.

The possibility of success is 100 percent, BKIS warned.
 
After resetting the password, attackers can log in to the administrator account using the default username "admin" and the new password they have set.
 
Taking over the administrator account takes less than one minute, and even amateur users can easily compromise a website after reading the write-up.
 
However, this vulnerability does not exist in websites running Joomla version 1.0.x.
 
Mr. Nguyen Tu Quang, director of BKIS, confirmed that 158 of the 1,178 websites tested by BKIS were found to be at risk. BKIS has informed the webmasters of these sites so that they can check their installations and fix the vulnerability.
 
However, it is impossible for BKIS to notify the thousands of other websites nationwide that run Joomla. The best solution is for every webmaster to test his own website and, if the problem is found, to immediately edit line 113 of the file "reset.php", located at "/components/com_user/models/reset.php", so that it reads as below:

    // reject any reset token that is not exactly 32 characters long
    if (strlen($token) != 32) {
        $this->setError(JText::_('INVALID_TOKEN'));
        return false;
    }
 
BKIS recommends three steps to avoid being hacked: change the administrator password, review the other administrative accounts and delete any that are unnecessary; recheck the security of the whole system, scanning for and removing any backdoors or viruses left behind; and upgrade to Joomla version 1.5.6, available at http://www.joomla.org/
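As an added example (not code from BKIS or from the Joomla project), the following POSIX shell function lets a webmaster check whether a Joomla 1.5.x installation's reset.php already contains the token-length check quoted above; the installation path is passed as an argument and is the only assumption.

```shell
#!/bin/sh
# Check whether a Joomla 1.5.x install already carries the reset-token
# length check that BKIS recommends in components/com_user/models/reset.php.
# Usage:  check_reset_php /path/to/joomla
# Exit status: 0 = check present, 1 = check missing (site likely still
#              vulnerable), 2 = reset.php not found at the expected path.
check_reset_php() {
  joomla_root="$1"
  reset_file="$joomla_root/components/com_user/models/reset.php"

  if [ ! -f "$reset_file" ]; then
    echo "NOT FOUND: $reset_file (not a Joomla 1.5.x install?)"
    return 2
  fi

  # The fix validates that the token is exactly 32 characters long before
  # it is used to look up the user; match it with or without spaces.
  if grep -Eq 'strlen\(\$token\)[[:space:]]*!=[[:space:]]*32' "$reset_file"; then
    echo "OK: token length check present in $reset_file"
    return 0
  fi

  echo "WARNING: token length check missing in $reset_file - apply the fix"
  return 1
}
```

Run it against each Joomla site on the server; an exit status of 1 means the file still needs the edit described above.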
 

Source: BKIS + Nguoi Lao Dong Newspaper – Translated by Truong Son
