DOOMLA: The wave of compromised OS X Server installations starts in 3...2...1...
Submitted by robot_terror on Tue, 03/04/2008 - 15:15.
Apple's Open Source download page has a new featured package that is guaranteed to raise the profile of Mac OS X Server on the list of exploited servers: Joomla!, or, as I'm starting to call it, DOOM-LA. 
If you don't know why Joomla is veritable DOOMLA for any server, just have a look at the list of known (known!) exploits:
2008-02-23 Joomla Component simple shop 2.0 SQL Injection Vulnerability
2008-02-20 Joomla Component com_hwdvideoshare SQL Injection Vulnerability
2008-02-18 Joomla Component com_clasifier (cat_id) SQL Injection Vulnerability
2008-02-18 Joomla Component com_pccookbook (user_id) SQL Injection Vulnerability
2008-02-18 Joomla Component astatsPRO 1.0 refer.php SQL Injection Vulnerability
2008-02-16 Joomla Component com_galeria Remote SQL Injection Vulnerability
2008-02-16 Joomla Component jooget <= 2.6.8 Remote SQL Injection Vulnerability
2008-02-14 Joomla Component mediaslide (albumnum) Blind SQL Injection Exploit
2008-02-14 Joomla Component Quiz <= 0.81 (tid) SQL Injection Vulnerability
2008-02-14 Joomla Component MCQuiz 0.9 Final (tid) SQL Injection Vulnerability
2008-02-14 Joomla Component paxxgallery 0.2 (iid) SQL Injection Vulnerability
2008-02-13 Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability
2008-02-12 Joomla Component pcchess <= 0.8 Remote SQL Injection Vulnerability
2008-02-12 Joomla Component rapidrecipe <= 1.6.5 SQL Injection Vulnerability
2008-02-08 Joomla Component NeoGallery 1.1 SQL Injection Vulnerability
2008-02-07 Joomla Component com_noticias 1.0 SQL Injection Vulnerability
2008-02-07 Joomla Component com_doc Remote SQL Injection Vulnerability
2008-02-06 Joomla Component Ynews 1.0.0 (id) Remote SQL Injection Vulnerability
2008-02-03 Joomla Component Marketplace 1.1.1 SQL Injection Vulnerability
2008-02-03 Joomla Component mosDirectory 2.3.2 (catid) SQL Injection Vulnerability
2008-02-01 Joomla Component NeoReferences 1.3.1 (catid) SQL Injection Vuln
And that's just since February 2008. Yeah. Mac OS X is DOOM-LA'ed. Thanks, Apple!
