Joomla "session_ids" Disclosure Vulnerability


Description   A vulnerability was reported in Joomla. An attacker could exploit it via an SQL injection in order to access a user's session ID. This vulnerability is due to cookies which store session IDs as plain text in the "prefix_session" table of the database.
     
Vulnerable Products   Vulnerable Software:
Joomla (OSM Development Team) -
     
Solution   No solution for the moment.
     
CVE  
     
References   - Full Disclosure : Joomla! session id not hashed.
http://seclists.org/fulldisclosure/2016/Sep/50
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm   Available Since
SQL injection Prevention - Cookie : suspicious DROP statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious CREATE statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious OPENQUERY statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious DECLARE statement in Cookie   3.5.0
SQL injection Prevention - Cookie : possible version probing in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious INSERT statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious OPENROWSET statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious EXEC statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious UNION statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious HAVING statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious SELECT statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious CAST statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious UPDATE statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious OR statement in Cookie   3.5.0
SQL injection Prevention - Cookie : suspicious DROP statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious EXEC statement in Cookie   4.1.2
SQL injection Prevention - Cookie : possible version probing in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious CAST statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious SELECT statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious CREATE statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious HAVING statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious OPENQUERY statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious OR statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious DECLARE statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious INSERT statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious UPDATE statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious OPENROWSET statement in Cookie   4.1.2
SQL injection Prevention - Cookie : suspicious UNION statement in Cookie   4.1.2
SQL injection Prevention - GET : suspicious combination of 'select' and 'sleep' statements in HTTP header   5.0.0

Risk level   Low

Vulnerability First Public Report Date   2016-09-20

Target Type   Server

Possible exploit   Remote