Joomla Core SQL Injection Vulnerability Fixed by 3.7.1


Description   (#An SQL injection vulnerability has been identified in Joomla.#A remote attacker could exploit it via a specially crafted HTTP request in order to execute arbitrary SQL commands.##This vulnerability is due to inadequate filtering of request data.#Updated, 18/05/2017:#The joomla3 packages provided by FreeBSD are vulnerable.#Updated, 01/06/2017:#Contrary to the previous statement, the joomla3 packages provided by FreeBSD are not vulnerable.#Updated, 03/03/2018:#An exploitation code is available.)
     
Vulnerable Products   Vulnerable Software:
Joomla (OSM Development Team) - 3.7
     
Solution   Version 3.7.1 of Joomla fixes this vulnerability.
     
CVE   CVE-2017-8917
     
References   - Joomla : [20170501] - Core - SQL Injection
https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
- Joomla : Changelog 3.7.1
https://www.joomla.org/announcements/release-news/5705-joomla-3-7-1-release.html
- VuXML : Joomla3 -- SQL Injection
http://www.vuxml.org/freebsd/3c2549b3-3bed-11e7-a9f0-a4badb296695.html
- Securi : SQL Injection Vulnerability in Joomla! 3.7
https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
SQL injection Prevention - GET : suspicious OR statement in URL
3.2.0
SQL injection Prevention - GET : suspicious combination of 'OR' or 'AND' statements in URL
3.2.0
SQL injection Prevention - GET : suspicious CREATE statement in URL
3.2.0
SQL injection Prevention - GET : suspicious CAST statement in URL
3.2.0
SQL injection Prevention - GET : suspicious OPENROWSET statement in URL
3.2.0
SQL injection Prevention - GET : suspicious DECLARE statement in URL
3.2.0
SQL injection Prevention - GET : suspicious OPENQUERY statement in URL
3.2.0
SQL injection Prevention - GET : suspicious shutdown statement in URL
3.2.0
SQL injection Prevention - GET : suspicious UNION SELECT statement in URL
3.2.0
SQL injection Prevention - GET : possible database version probing
3.2.0
SQL injection Prevention - GET : suspicious UPDATE SET statement in URL
3.2.0
SQL injection Prevention - GET : suspicious SELECT statement in URL
3.2.0
SQL injection Prevention - GET : suspicious INSERT statement in URL
3.2.0
SQL injection Prevention - GET : suspicious DROP statement in URL
3.2.0
SQL injection Prevention - GET : suspicious EXEC statement in URL
3.2.0
SQL injection Prevention - GET : block comment delimiters in URL
3.2.0
SQL injection Prevention - GET : suspicious combination of 'select' and 'sleep' statements in URL
5.0.0
SQL injection Prevention - GET : Evasion attempt with CAST and EXEC statements
5.0.0
SQL injection Prevention - GET : Authentication bypass attempt with OR statement
5.0.0
SQL injection Prevention - GET : suspicious SQL keywords in URL
5.0.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2017-05-17 

 Target Type 
Server 

 Possible exploit 
Remote