The PHP / MySQL based open source content management system, Joomla! was updated to version 1.5.9 [Vatani], after the recent release on November 10, 2008 of Joomla! 1.5.8 coded name Wohnaiki. This security release solves two security issues of high and respectively low severity: directory traversal and SSL session token disclosure which affected all of the Joomla! 1.5.x installations, including version 1.5.8.

The first exploit type, directory traversal, could allow to an attacker to display the directory trees existing on the web server. The second exploit deals with the possibility of getting the session token by an attacker in case of non-SSL requests performed for websites running as SSL (Transport Layer Security, formerly Secure Sockets Layer) only, while the entire data transfer is still safe.

The minimum requirements for Joomla!1.5.9 are the same as in the case of all other 1.5.x versions: PHP 4.3.10, MySQL 3.23, Apache 1.3 (with mod_mysql, mod_xml and mod_zlib enabled). Another supported web server as an alternative to Apache is Microsoft IIS 6.

In Joomla! 1.5.9 version, several bugs were solved in case of components, modules, plugins, templates, language, administrator and system, such as the invalid XHTML 1.0 Transitional issues for the Contact Form, Media Manager JavaScript errors, Tool Tip corrections, OpenID Transition and more.

The latest version of Joomla! content management system and framework can be downloaded from Downloadtube website. It is recommended to upgrade to the latest version in order to avoid possible problems caused by attackers and to improve the performances of your Joomla! based website.

Related Articles

• Zemanta Gives Bloggers More Inspiration (0)
• Yahoo! Media Player: A Fast And Lightweight MP3 Player (0)
• WP Super Cache: Fast Loading WordPress Pages (0)
• Windows Live Tools For Microsoft Visual Studio Has A Free Comprehensive Guide (0)
• Website Development Within Web Browsers: Firebug (0)
• Web Analytics For Everyone: Piwik (0)

This entry was posted on Thursday, January 15th, 2009 at 9:08 am and is filed under Content Management Systems, Joomla! News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.