Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Joomla Bookman Denial Of Service

🗓️ 31 Aug 2011 00:00:00Reported by MustLiveType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 61 Views

Insufficient Anti-automation and Denial of Service vulnerabilities in com_bookman for Joomla and Reservation Manager. CaptchaSecurityImages.php script needs fix

Code
`Hello list!  
  
I want to warn you about Insufficient Anti-automation and Denial of Service  
vulnerabilities in com_bookman for Joomla. Also this component is included  
in Reservation Manager for Joomla.  
  
This is another one of few advisories which I've made in April 2010. In this  
advisory I'm continue to inform readers of mailing lists about vulnerable  
web applications which are using CaptchaSecurityImages.php.  
  
-------------------------  
Affected products:  
-------------------------  
  
Vulnerable are all versions of com_bookman and all versions of Reservation  
Manager for Joomla.  
  
I've already wrote last year the recommendations about fixing these issues  
in another my advisory concerning vulnerable web application with  
CaptchaSecurityImages.php. As I wrote earlier  
(http://www.securityfocus.com/archive/1/511023), developers of  
CaptchaSecurityImages.php fixed this hole at 27.03.2007. So one of the way  
to fix these issues is to use fixed version of the script or to make  
appropriate changes in com_bookman's version of the script.  
  
----------  
Details:  
----------  
  
These are Insufficient Anti-automation and Denial of Service  
vulnerabilities.  
  
The vulnerabilities exist in captcha script CaptchaSecurityImages.php, which  
is using in this system. I already wrote at my site about vulnerabilities in  
CaptchaSecurityImages (http://websecurity.com.ua/4043/).  
  
Insufficient Anti-automation (WASC-21):  
  
http://site/components/com_bookman/functions/CaptchaSecurityImages.php?width=150&height=100&characters=2  
  
Captcha bypass is possible via half-automated or automated (with using of  
OCR) methods, which were mentioned before (http://websecurity.com.ua/4043/).  
  
DoS (WASC-10):  
  
http://site/components/com_bookman/functions/CaptchaSecurityImages.php?width=1000&height=9000  
  
With setting of large values of width and height it's possible to create  
large load at the server.  
  
------------  
Timeline:  
------------  
  
2010.04.10 - disclosed at my site.  
2010.04.11 - informed developers of com_bookman and Reservation Manager for  
Joomla.  
  
I mentioned about these vulnerabilities at my site  
(http://websecurity.com.ua/4117/).  
  
Best wishes & regards,  
MustLive  
Administrator of Websecurity web site  
http://websecurity.com.ua   
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 Aug 2011 00:00Current
7.4High risk
Vulners AI Score7.4
joomlacom_bookmanreservation managerinsufficient anti-automationdenial of servicecaptchasecurityimages.phpvulnerabilitiesweb applicationsocrdoswebsecurity sitedisclosure
61