Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: MustLive (mustlivewebsecurity.com.ua)
Date: Mon May 02 2011 - 15:50:42 CDT
It's additional information concerning vulnerabilities in multiple themes
for ExpressionEngine, which I informed earlier.
Recently Bjorn Borresen, author of ports of WooThemes' themes for
ExpressionEngine (which was hired by WooThemes for porting their themes for
this engine), informed me that he made his own version of TimThumb for using
in EE named Teemthumb. And in this version of web application other
approaches are used, which makes it immune to this attacks. Which I checked
after looking to its code (the parameters are passing to the script only in
code of the templates, i.e. attacks via GET parameters are not possible).
Taking into account that I contacted WooThemes at 6th of March concerning
their themes for other engines beside WP and they agreed with me (and thus
confirmed that these themes are vulnerable) and told me nothing that in any
of their themes non original versions of TimThumb are used, then this
inaccuracy I leave on their conscience.
So mentioned themes for EE are not vulnerable directly to these attacks,
unlike mentioned by me themes for WordPress, Drupal and Joomla (and also
components for Joomla). But these themes for EE can be attacked locally, at
access to theme editing (so I've gave additional recommendations to the
author). All other themes for EE, which are using original TimThumb, will be
Best wishes & regards,
Administrator of Websecurity web site
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/